SourceClear is a security tool that analzyes project dependencies to look for vulnerable third party dependencies. It also performs analysis of the call graph to determine if a project is using a vulnerable thrid party dependency.
Implemented class hierarchy analysis and rapid type analysis in the command line tool to analyze Java projects
Extended the command line tool to support Python, Scala, and Objective C
Extended the call graph analyses to Ruby, Python, and .NET
Built and designed a DSL to query an interconnected knowledge graph of vulnerabilities and call graphs