Clint Gibler

Head Of Research at Semgrep

San Francisco, California, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Clint Gibler is a security research leader and Head of Research with 13 years of experience building AppSec tooling and leading teams across startups, consultancies, and government-focused contractors. He has deep expertise in static analysis, mobile (especially Android) security, and DevSecOps, having led research teams at Semgrep and NCC Group and founded the tl;dr sec newsletter to distill top security research. Clint pairs hands-on technical work—publishing tools, conference talks, and vulnerability research—with product and marketing collaboration to translate findings into practical defenses. He holds a PhD in Computer Science from UC Davis and brings a habit of constant learning (from new programming languages to improv and screenwriting) that fuels creative approaches to security problems.
code13 years of coding experience
job10 years of employment as a software developer
bookDoctor of Philosophy (PhD), Computer Science, Doctor of Philosophy (PhD), Computer Science at University of California, Davis
bookBachelor of Science (B.S.), Computer Science, Bachelor of Science (B.S.), Computer Science at Case Western Reserve University
languagesEnglish
github-logo-circle

Github Skills (136)

parser10
burp10
python10
semgrep10
abstract-syntax-tree10
security10
ruby10
code-generation10
linter10
program-analysis10
code-generator10
javascript10
static-analysis10
git-repo10
security-scanner10

Programming languages (15)

JavaCSSGoHTMLJupyter NotebookTypeScriptHCLOCaml

Github contributions (5)

github-logo-circle
nccgroup/gitpwnd

Aug 2017 - Mar 2021

GitPwnd is a network penetration tool that lets you use a git repo for command and control of compromised machines
Contributions:11 commits, 11 PRs, 12 pushes in 3 years 8 months
machinespenetrationcompromisedgit-repocommand-and-control
clintgibler/BenchmarkJava

Dec 2021 - Dec 2024

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
Contributions:29 PRs, 46 pushes, 48 branches in 3 years
runtimebenchmarksastsecurity-toolsvulnerabilities
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Clint Gibler - Head Of Research at Semgrep