-
New Feature: It's now possible to explore paths for alerts produced by data-flow queries (and other path queries) directly in LGTM!
#VariantAnalysis https://hubs.ly/H0gQnF30 -
A video demonstrating the latest highly critical macOS & iOS security vulnerability CVE-2018-4407: https://www.youtube.com/watch?v=aV7yEemjexk … Here are the details: https://semmle.com/news/apple-xnu-kernel-icmp-nfs-vulnerabilities …
#SemmleQL#variantanalysis -
Just love this example of variant analysis with
@semmle QL, for a class of seed vulnerabilities in Windows, identified by@tiraniddo of Project Zero. How lucky we are to be working with@_strohu of@msftsecresponse! https://blogs.technet.microsoft.com/srd/2019/03/14/local-privilege-escalation-via-the-windows-i-o-manager-a-variant-finding-collaboration/ …#VariantAnalysis -
Now available - QL snapshots for analysis of large open source projects. If you want to perform
#VariantAnalysis on large OSS projects, get details here: https://hubs.ly/H0kL9Ry0 -
If only there weren't a kernel-level potential remote code execution vulnerability that would make it easy to enable/disable this chip: https://semmle.com/news/apple-xnu-kernel-icmp-nfs-vulnerabilities … (coincidentally disclosed by Apple today!)
#SemmleQL#variantanalysis -
Let's secure open source, together. The RCE vulnerabilities found with http://LGTM.com keep coming: today, great work by
@nckrlf . Join the hunt, check your own favourite projects, and enable code review integration!#VariantAnalysis@SemmleInc@lgtmhqhttps://twitter.com/nckrlf/status/1058045250655133697 … -
Everything you wanted to know about
#variantanalysis but were afraid to ask. Your journey starts here: https://lgtm.com/blog/intro_to_variant_analysis_part_1 … Code a query to "find code patterns that are semantically similar to the original vulnerability"@Baron_von_Ryan#DevSecOps -
Need a better
#VariantAnalysis tool? Check out LSKB, Life Science Knowledge Bank, and sign up for a free trial. http://www.lskb.w-fusionus.com/#!variant-analysis/c14f7 … -
I work at a company that helped land the Curiosity rover. So, that's cool. https://blog.semmle.com/nasa-curiosity-variant-analysis/ …
#NASA#VariantAnalysis -
"Whenever a security vulnerability is discovered, we are presented with an opportunity. We should investigate how often the mistake is repeated, ..., and implement a process to prevent the mistake from happening again."
@Baron_von_Ryan#VariantAnalysis https://lgtm.com/blog/intro_to_variant_analysis_part_1 … -
Come over to the Business Hall Theater A right now to see
@fjserna present on security research and#VariantAnalysis#BlackHatpic.twitter.com/mPzQKyqd8s
-
Curious how
#VariantAnalysis can help you find more#vulnerabilities? Learn how in our series, "Introduction to variant analysis" (Part 2) https://hubs.ly/H0kC1Qx0 -
Technical write-ups on how Kevin used
#SemmleQL for#variantanalysis to find this many vulnerabilities this quickly: https://lgtm.com/blog/apple_xnu_icmp_error_CVE-2018-4407 … and here:https://lgtm.com/blog/apple_xnu_nfs_vfsops_CVE-2018-4259 …Prikaži ovu nit -
I wrote a thing! Ever wonder how you can find security
#vulnerabilities in your code? Learn how in "Introduction to#VariantAnalysis Part 2". https://blog.semmle.com/introduction-to-variant-analysis-part-2/ … -
Don't forget to tune in to the
#GitHubUniverse demo desk live stream at 1:20pm to see how you can use#VariantAnalysis on LGTM to find and prevent bugs in your source code! -
Announcement here: https://semmle.com/news/denial-service-dos-vulnerability-facebook-fizz …. Kevin used
#SemmleQL to perform#VariantAnalysis on FB's Fizz codebase, which led to the discovery of this vulnerability (CVE-2019-3560). Want to know how to do this yourself? Read his detailed@LGTM blog post:https://lgtm.com/blog/facebook_fizz_CVE-2019-3560 …Prikaži ovu nit -
Another day, another CVE found through http://LGTM.com and
#VariantAnalysis. This time by@nckrlf.https://twitter.com/nckrlf/status/1058045250655133697 … -
I'll be one of the folks from
@Semmle heading to Vegas this year. Come and say hi, let's talk about#SemmleQL,#VariantAnalysis and finding vulnerabilities! https://twitter.com/Semmle/status/1154835811055099904 … -
Great post by the team at
@msftsecresponse: how to find (and fix!) 33 memory safety and path traversal vulnerabilities. It's called#VariantAnalysis and they use@Semmle QL to do it: https://blogs.technet.microsoft.com/srd/2019/03/19/vulnerability-hunting-with-semmle-ql-part-2/ … Try it yourself with on http://LGTM.com : https://lgtm.com/blog/intro_to_variant_analysis_part_1 …
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.