QL is a variant analysis engine that allows product security teams to quickly explore code to find zero-days and all variants of vulnerabilities.
- QL provides a comprehensive set of libraries for creating custom analyses to run from your browser, IDE or command line.
- QL is easy to learn and quick to get started with. Exploring code using QL is the most efficient way to perform variant analysis.
- QL queries are easy to share and modify. Top researchers from organizations like NASA, Microsoft, Google, Siemens, QualComm and Uber are constantly contributing to Semmle's public query library.