Security research plays a critical role in everything we do at Semmle. Our products help security researchers become more productive and help them share good security practices with development teams, without slowing them down. Our security research team finds and reports critical vulnerabilities in open source software that the entire world relies on, as well as our customers’ enterprise codebases. On top of that, we are building and supporting a community of QL security researchers who write state-of-the-art security analyses to help secure your software.
At Semmle, we’re on a mission to secure the software that runs the world. That’s why we create products that help security researchers become more effective in finding new attack vectors and critical vulnerabilities through deep semantic code search, and allow for researchers to more easily share security expertise across and within and beyond their organizations, helping everyone involved in software engineering create more secure software.
In addition to letting engineers and researchers write their own analyses that find vulnerabilities in their own software portfolios, our products include deep out-of-the-box analyses that find security problems in your software, ranging from simple cross-site scripting vulnerabilities to intricate cases of unsafe data deserialization.
New methods to find security vulnerabilities and create exploits are surfacing constantly, the result is an ongoing arms race between those with malicious intent, and those of us who are protecting users and their data. Therefore, it is critical that security is made a core part of any software organization’s operation.
The Semmle Security Research team works closely with our customers and the open source community to find and report vulnerabilities in widely-used software. The team explores codebases and finds CVEs as part of their research, and that work is used as input to create new analyses which are included in our products. This practice helps both the open source community on LGTM.com and our enterprise customers write more secure software.
Man Yue Mo (front) and Kevin Backhouse (back) from the Semmle Security Research team.
The team regularly finds and reports new zero-day vulnerabilities - you can see a list of the most recently disclosed CVEs they reported on LGTM.com. In order to protect anyone who depends on these projects, we take great care to disclose such information responsibly. Such responsible disclosure requires a careful balance: project developers need time to patch vulnerabilities and warn their users, but waiting too long to publicly announce a security vulnerability increases the risk that an attacker may exploit it before users can protect themselves. See our disclosure policy for more details.
In addition to their skills, experience, and tireless effort, the Semmle Security Research team’s secret weapon in the security arms race is Semmle QL. The unique QL technology lets them quickly find new attack vectors, and enables them to perform variant analysis at unparalleled speed and with surgical precision.
We feel that this technology is so important to securing software worldwide that we’ve made it publicly available so that other security researchers can join the fight, and it can be used on open source projects for free on LGTM.com.
Sample QL query, which was used to find a remote code execution vulnerability in Apache Struts. Read more on the LGTM blog.
If you share our passion for security and vulnerability research and you’d like to join the Semmle, take a look at our open positions.
No single company in the software security space can hire enough security researchers to cover all different vulnerability types that are disclosed. That’s why we partner with security research teams at the world’s leading software development organizations to create and inspire new analyses and to improve existing analyses that are offered to Semmle’s customers and the open source community.
This invaluable community includes contributions from companies such as Google and Microsoft, and ensures that Semmle’s analyses find real problems almost immediately after they are first discovered.