The Silicon Review - Best Business Review Magazine 50 Most Trustworthy Companies 2019 | Page 77

the planet, working to secure your software. Give back by sharing your security analyses and helping it work together to secure the code that runs the world.

Open Security

Nowhere is this more important than with open-source software. Every company developing software today is critically dependent on the security of the open-source software underpinning their applications. Checking for dependencies and known vulnerabilities is a good start, but it’s not enough.

Securing Open Source Software

“At Semmle, we believe that security is a shared responsibility, a problem that we need to solve together, with developers, security researchers and the community at large.”

Securing open source software requires a shift in the open-source community. Only the largest organizations in the world have the necessary resources to secure their underlying components, and most of this security research is not shared with the wider community, leading to a duplication of effort. Sharing its collective security expertise is imperative if the company is to succeed in securing open-source software.

Making security expertise shareable is central to the Semmle mission. Its security analyses are publicly available in its open-source QL repository. Each QL query represents a piece of security knowledge — codified, readable, and executable — ready to be applied to any number of projects. To date, over 1600 queries have been contributed by Semmle and its customers and partners in the fight to secure open-source.

Oege De Moor, CEO & Founder