Language support for static code analysis is a constant struggle and excited to see so many new languages covered so fast, this is super exciting for the PHP developers/security engineers protecting 76.8% of the websites on the internet
Okay, I have struggled with really badly designed and user-unfriendly static code analysis or Static Application Security Testing (SAST) tools in the past. Bearer's open-source tool is a breath of fresh air in this space that is thirsty for innovation.
As an early tester of the scanner on my RoR and js apps, I really liked the sensitive-data centric prioritization which made it easy for my engineering team to interpret the output directly using CLI. This allowed me to:
- reducing app attack surface to minimize risk of data breach
- meeting regulatory compliance to meet customer's security standards and report on privacy compliance for GDPR, HIPAA, CCPA, etc.
- maximize engineering time on high impact fixes
Okay, if you want to focus on completely untold stories I believe every stories from every startup from Seed to Series A is interesting. For example - the process of figuring out a mission, testing out a product market fit, and pivoting to a product that is actually usable by customers would be uber cool to hear about.
Also would love to hear about YC projects that are not that famous - OpenAI, Smart Cities project, etc.
I love podcasts, and as a matter of fact host one myself called Veni Vidi VC. Despite the shameless plug, I would love to hear from successful YC founders who have had exits.
The entire process is fascinating to me, including:
- building a company
- raising funds, and
- making it ready to be absorbed as part of a corporation or better yet, becoming a public company
This is really weird and defensive from Slack. Instead of telling Microsoft how to do their job, do it better and kick their ass. As a wise man once said, actions speak louder than words.