Remco Vermeulen

Research Engineer at XBOW

San Francisco, California, Netherlands
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Remco Vermeulen is a research-oriented software engineer with 11 years of experience bridging application security and automated code analysis, now based in San Francisco. He spent several years advancing CodeQL at GitHub—adding XML attribute dataflow support and expanding CCR suites across languages—to improve automated vulnerability discovery and remediation at scale. His background includes applied academic research in binary reverse engineering and malware detection from a VU Amsterdam PhD project, which informs a pragmatic approach to hardening systems without source access. At XBOW he continues to drive innovative automated security analysis, combining deep static-analysis expertise with practical engineering delivery. Colleagues know him for turning research insights into production-grade tools that make large-scale code scanning more precise and actionable.
code11 years of coding experience
job14 years of employment as a software developer
bookMsc Computer Science - High Performance Distributed Computing, Msc Computer Science - High Performance Distributed Computing at Vrije Universiteit Amsterdam (VU Amsterdam)
languagesEnglish, Dutch
stackoverflow-logo

Stackoverflow

Stats
1reputation
0reached
1answer
0questions
github-logo-circle

Github Skills (16)

it-security10
github-advanced-security10
javas10
code-inspection10
scancode10
javascript10
scanning10
java10
codeql10
security10
semmle-ql9
data-analysis9
dataflow9
analyse9
owasp6

Programming languages (10)

TypeScriptC#JavaShellScalaSCSSJavaScriptCodeQL

Github contributions (5)

github-logo-circle
github/codeql

Jun 2020 - Sep 2021

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Role in this project:
userSecurity Engineer
Contributions:3 reviews, 46 commits, 25 PRs in 1 year 2 months
Contributions summary:Remco contributed to the CodeQL project by adding support for XML attributes in the data flow graph, which enhances the analysis capabilities. They also updated the Java CCR suite by including additional queries, and added CCR suites to other languages. Furthermore, the user modified the script to generate the code scanning query list by including the CCR suites. These contributions demonstrate a focus on improving code analysis and security features within the repository.
github-advanced-securitysecurity-toolsgithub-security-labsecurity-researcherssecurity
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
Contributions:5 releases, 44 commits, 14 PRs in 9 months
retrofitcode-scanningsecuritybundleadditional
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Remco Vermeulen - Research Engineer at XBOW