Semmle Blog

QL training slides

We have made some training material available to help you learn QL and variant analysis for C/C++ and Java projects.

October 03, 2019

Golang support on LGTM - now in beta

LGTM now supports Golang, aka Go, on a limited number of projects and features. Learn how you can now write and run QL queries to analyze your Go projects.

October 01, 2019

Announcing the CTF winners

Announcing the winners of the Semmle U-Boot Capture the Flag!

September 25, 2019

Securing software together: GitHub + Semmle

September 18, 2019

Bridging the gap between developers and security teams

September 17, 2019

PII data leaks: Identifying personal information in logs with QL

September 16, 2019

Quest for an Exploit using QL

September 13, 2019

Finding Insecure Deserialization in Java

September 12, 2019

Using QL snapshots for analysis of large open source projects

September 12, 2019

Finding integer overflows in libssh2

An integer overflow in an unsigned cast can cause a negative error code to be accidentally ignored. Security researcher Kevin Backhouse explains how to write a simple Semmle QL query to detect variants of this bug.

September 10, 2019

Python Security: How to find and fix issues with QL

Are you a Python developer? We take a look at some security concerns that may be affecting Python security. Learn how you can use QL to identify and fix issues quickly.

September 10, 2019