Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

CodeQL Roundtable: Leveraging Static Analysis for Bug Bounties

Bugcrowd via YouTube

Overview

Explore the world of CodeQL and its impact on bug bounties and open-source security in this informative roundtable discussion featuring @JLLeitschuh. Gain insights into how CodeQL can be leveraged to uncover vulnerabilities, earn bounties, and enhance the security of open-source software. Learn about the importance of HTTPS, vulnerability locations, and effective remediation strategies. Discover the role of LGTM, GitHub notifications, and bounty programs in the process. Delve into future plans for CodeQL implementation and examine the Nettie vulnerability case study. Engage with a Q&A session at the end to further expand your understanding of this powerful security tool.

Syllabus

Intro
Title
Why is HTTPS important
Location of vulnerability
Who was vulnerable
How to fix it
Enter CodeQL
LGTM
How I did it
GitHub notifications
GitHub bounty
Slide deck
Future plans
Nettie vulnerability

Taught by

Bugcrowd

Reviews

Start your review of CodeQL Roundtable: Leveraging Static Analysis for Bug Bounties

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.