undefined | Better HN

0 pointsmuricula6y ago0 comments

I've seen coworkers run semmle queries across the entire Windows OS codebase and find hundreds of issues which were/could result in security vulnerabilities. They've also leveraged it for variant analysis. If I'm not mistaken, the security teams are the largest internal users of Semmle at Microsoft.

You're right though, it's not a panacea, and it could probably be great for other uses too.

0 comments

3 comments · 1 top-level

wglb6y ago· 2 in thread

Any idea what the false positive rate is?

tru3_power6y ago

If you use the out of the box rules for any of these tools the false positive rate will usually be pretty high. The trick is to write custom rules that are more tailored to your code.

wglb6y ago

So how much is involved in writing the rules, and at the end of it, what is the net false positive?

1 more reply

j / k navigate · click thread line to collapse