Loading…
DeveloperWeek 2025 has ended
Company: DevOps clear filter
arrow_back View All Dates
Tuesday, February 18
 

12:00pm PST

[Virtual] PRO WORKSHOP: Bolster Your Bug Bounty – Code Search & Variant Analysis Techniques
Tuesday February 18, 2025 12:00pm - 12:50pm PST
VIRTUAL DeveloperWeek PRO STAGE
Milan Williams, Semgrep, Senior Product Manager
Austin Theriault, Semgrep, Software Engineer

With so many repositories, organizations can struggle to locate and remediate recurring insecure code patterns. In this talk, you will understand the fundamentals of bug bounty programs, their importance, and common inefficiencies. Attendees will learn how to perform variant analysis, refine searches to reduce false positives and find vulnerabilities quickly. By leveraging these techniques, security teams can identify and reuse previous findings, extending the impact of their bug bounty program and significantly reducing costs. This technical session also provides a detailed architectural overview of building an in-house code search engine, drawing from our own experience. We'll share our wins & woes through multiple iterations, lessons learned, and preferred technologies. Our session concludes with a practical end-to-end walkthrough of a sanitized bug bounty report. Join us to gain knowledge to implement these strategies and technologies in your own engineering practice. 
Speakers
avatar for Milan Williams

Milan Williams

Senior Product Manager, Semgrep
Milan Williams is a Senior Product Manager at Semgrep, where she helps security engineers and developers work together to ship secure software. She recently graduated from Harvard University with degrees in Computer Science and Physics. In her free time, you can find her running in... Read More →
avatar for Austin Theriault

Austin Theriault

Software Engineer, Semgrep
Tuesday February 18, 2025 12:00pm - 12:50pm PST
VIRTUAL DeveloperWeek PRO STAGE https://app.events.ringcentral.com/events/developerweek-productworld-ai-devworld-2025/reception
  OpsWorld
 
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Monday, February 10
Tuesday, February 11
Wednesday, February 12
Thursday, February 13
Tuesday, February 18
Wednesday, February 19
Thursday, February 20
AI DevWorld Stage
AI DevWorld MAIN STAGE
CloudNative World Stage
Dev Innovation World Stage
Dev Security World Stage
DeveloperWeek MAIN STAGE
DeveloperWeek PRO Stage
DevExec World Stage
Frontend World Stage
Hyatt Regency Santa Clara
Hyatt Regency Santa Clara - Lobby
OpsWorld Stage
ProductWorld MAIN STAGE
Roundtables
Santa Clara Convention Center - Expo Hall
Santa Clara Convention Center - Main Lobby
VIRTUAL AI DevWorld Main Stage
VIRTUAL AI DevWorld Stage
VIRTUAL AI DevWorld Stage 1
VIRTUAL Cloud Native World
VIRTUAL Dev Exec World
VIRTUAL Dev Innovation World
VIRTUAL Dev Security World
VIRTUAL DeveloperWeek MAIN STAGE
VIRTUAL DeveloperWeek PRO STAGE
VIRTUAL Expo Hall
VIRTUAL Frontend World
VIRTUAL OpsWorld
VIRTUAL ProductWorld Main Stage
  • 1. Badge Pick-up & Registration
  • 2. Community Events & Experiences
  • 3. Expo Hours
  • 4. Hackathon
  • 5. KEYNOTES & FEATURED
  • AI DevWorld
  • Cloud Native World
  • Dev Exec World
  • Dev Innovation World
  • Dev Security World
  • Frontend World
  • OpsWorld
  • ProductWorld
  • Tracks & Topics
  • AI & ML Certificate
  • API Certificate
  • APIs & Microservices
  • Blockchain & Web3
  • Cloud Management Certificate
  • Data Engineering
  • Data Management and Engineering Certificate
  • Dev Career
  • Dev Leadership Certificate
  • Developer Experience (DX)
  • Developer Tools
  • DevOps
  • DevOps Certificate
  • Enterprise
  • Frontend Certificate
  • Gen AI / LLMs
  • Open Source Strategy
  • Platform Engineering
  • Product Certificate
  • Security Certificate
  • Technical Leadership & Management
  • Session Type
  • OPEN Session
  • PRO Session
  • PRO Workshop Day (Tues)
  • Conferences
  • AI & Organizational Change Management (AI DevWorld)
  • AI DevWorld
  • AI DevWorld: AI Strategy Conference
  • AI DevWorld: AI/ML Engineering Conference
  • AI DevWorld: Industry AI Conference
  • AI Ethics (AI DevWorld)
  • AI for the Enterprise (AI DevWorld)
  • AI Security & Governance & Compliance (AI DevWorld)
  • Applied AI Innovation (AI DevWorld)
  • Applied Machine Learning (AI DevWorld)
  • Bots & Language Processing (AI DevWorld)
  • Cloud Native World
  • Data Science & Predictive Models (AI DevWorld)
  • Deep AI Learning & Neural Networks (AI DevWorld)
  • Dev Exec World
  • Dev Innovation World
  • Dev Security World
  • Finance/FinTech AI (AI DevWorld)
  • Frontend World
  • Generative AI & LLMs (AI DevWorld)
  • Healthcare & HealthTech AI (AI DevWorld)
  • Marketing & Advertising AI (AI DevWorld)
  • Methodology: Agile and Rapid Prototyping and SCRUM and Beyond (ProductWorld)
  • MLOps & AIOps (AI DevWorld)
  • OPEN Session
  • OpenAPI Summit
  • OpsWorld
  • OWASP Certified
  • Product Lead / Product Manager Roundtables (ProductWorld)
  • Product Lifecycle & Case Studies (ProductWorld)
  • Product Management Tools & Software (ProductWorld)
  • Product Roadmap Strategy & Innovation (ProductWorld)
  • Product Team Management & Structure (ProductWorld)
  • ProductWorld
  • Retail & E-commerce AI (AI DevWorld)
  • Roundtables
  • Sponsor Spotlight
  • Tensorflow & PyTorch & Open Source Frameworks (AI DevWorld)
  • Virtual
  • In-Person/Virtual
  • In Person
  • Virtual
  • Virtual Exclusive