all InfoSec news
30 new Semgrep rules: Ansible, Java, Kotlin, shell scripts, and more
Malware Analysis, News and Indicators - Latest topics malware.news
By Matt Schwager and Sam Alws
We are publishing a set of 30 custom Semgrep rules for Ansible playbooks, Java/Kotlin code, shell scripts, and Docker Compose configuration files. These rules were created and used to audit for common security vulnerabilities in the listed technologies. This new release of our Semgrep rules joins our public CodeQL queries and Testing Handbook in an effort to share our technical expertise with the security community. This blog post will briefly cover the new Semgrep …
ansible audit code compose configuration configuration files docker files java kotlin matt new release playbooks publishing release rules sam scripts security semgrep shell technologies vulnerabilities