News

Using CodeQL to detect client-side vulnerabilities in web applications

GitHub’s CodeQL is a robust query language originally developed by Semmle that allows you to look for vulnerabilities in the ...
HotHardware2y

How GitHub Is Making It Easier To Root Out Security Flaws ... - HotHardware

Developers can now scan their code with GitHub's CodeQL analysis engine for free and without manual setup.
Computer Weekly4y

GitHub makes code vulnerability scanning feature public

One year after acquiring software security scanning specialist Semmle, and following a successful five-month beta process, GitHub is making its CodeQL code scanning capabilities available publicly ...
Redmond Magazine4y

Microsoft Releases CodeQL for Detecting Solorigate Tampering

Microsoft announced on Thursday that its CodeQL queries, which were used to detect possible compromise in its source code after the Solorigate attacks, are now publicly available at the GitHub ...
TechSpot4y

GitHub's open-source code scanning tool looks for security holes in ...

The tool is powered by CodeQL ---an open-source semantic code analyzer. The scanner can work in real-time as code is entered, so flaws never get to the software's final production version.
Visual Studio Magazine3y

New 'Security Manager' Role Leads GitHub Enterprise Server 3.3 Security ...

The new GitHub Enterprise Server 3.3 release focuses on security, with a new 'security manager' role leading several changes made in the same of safety.