Reading about CVE-2017-9805 it was really interesting to learn that the company that discovered it was using a Datalog-like language in order to query Java code for vulnerability patterns.

https://en.wikipedia.org/wiki/Semmle