#security
2 posts
- Feature Flags for Security: Decouple Deployment from Risk
Security teams conflate deployment with activation. Feature flags split them apart, turning security from a gate into a dial.
- How I Built a Security Scanner That Actually Finds Bugs
Combining Semgrep, CodeQL, SonarQube, and Snyk gets you 44.7% vulnerability detection. Semantic SAST combines Tree-sitter with LLM reasoning to do better.