Jason Yeo
Software Engineer

2015-07-13 - Ongoing
Software Engineer
SourceClear is a security tool that analyzes project dependencies to look for vulnerable third-party dependencies. It also analyzes the call graph to determine whether a project is using a vulnerable third-party dependency.
  • Implemented class hierarchy analysis and rapid type analysis in the command line tool to analyze Java projects
  • Extended the command line tool to support Python, Scala, and Objective-C
  • Extended the call graph analyses to Ruby, Python, and .NET
  • Built and designed a DSL to query an interconnected knowledge graph of vulnerabilities and call graphs
National University of Singapore
Computer Science - Bachelor
2010-08-01 - 2014-05-01
Efficient static checking of library updates
An automated way of suggesting non-breaking library updates to maintainers of software projects through static analysis.

SGL: A Domain-Specific Language for Large-Scale Analysis of Open-Source Code
A domain-specific language for analyzing graph-structured datasets of open-source code and cataloguing vulnerabilities.

Slaying the Dragon
A talk on writing a simple Lisp interpreter in Ruby.

Kwan Im Thong Hood Cho Computing Scholarship
NUS School of Computing
  • Java
  • Scala
  • Clojure
  • Ruby
  • Python
  • OCaml
Program Analysis
  • ASM
  • Class Hierarchy Analysis
  • Call graph analysis
  • Flow-sensitive type analysis