Blog

Insights on application security, static analysis, and building tools that developers actually want to use

4 articles

Latest Article

securitydead codepythonappseccode quality

Dead code isn't just technical debt—it's a security liability

Every line of unused code in your codebase is a potential vulnerability waiting to be exploited. Here's why dead code matters for security teams, and what to do about it.

February 15, 2026

2 min read

Read article

engineeringcode-review

Surviving the AI PR Tsunami

AI generates code instantly. Humans review at 10 lines per minute. The math doesn't work anymore. Here is why the 'LGTM' culture is destroying quality and how to automate the 'Verify' step.

AI-generated code is shipping vulnerabilities

LLMs write code fast. The problem? It is not safe. Here is why AI-generated code fails security checks, the most common vulnerability patterns, and how to detect them with SAST and agentic verification.

Why SAST tools drown teams in false positives (and what actually works)

Static Application Security Testing (SAST) is supposed to catch vulnerabilities before they ship. In practice? Most teams end up ignoring it.

Jan 21, 2026

1 min

Read

Blog

Latest Article

Dead code isn't just technical debt—it's a security liability

More Articles

Surviving the AI PR Tsunami

AI-generated code is shipping vulnerabilities

Why SAST tools drown teams in false positives (and what actually works)