Clint Gibler is the Head of Security Research for r2c, the company behind SEMGREP, a popular open-source static analysis security scanning tool used by teams all over the world.

He joined r2c to help build and shape the future of AppSec; one that includes secure defaults along with lightweight enforcement of those defaults.

In today's episode, Clint talks about SEMGREP, operationalization of tools for security teams, intersection between AppSec and D&R as well as tips to succeed in AppSec at scale.  

More topics discussed in this episode:

• SEMGREP's origin story and benefits

• The security startup creation pattern of recent years

• Trend shift to developers operating security problems at scale

• r2c's mission and products in addition to open source

• How application logs are useful in detection and response

• Type of vulnerabilities Clint is seeing more often

• Application security developments he is most excited about

 Other resources:

tl;dr Sec Newsletter: tldrsec.com