Bleeping Computer

Microsoft shares CodeQL queries to scan code for SolarWinds-like implants

Microsoft has open-sourced CodeQL queries that developers can use to scan source code for malicious implants matching the SolarWinds supply-chain attack. In December, it was disclosed that threat ...
ZDNet

GitHub rolls out new Code Scanning security feature to all users

Code-hosting website GitHub is rolling out today a new security feature named Code Scanning for all users, on both paid and free accounts. GitHub says the new Code Scanning feature "helps prevent ...
Computer Weekly

GitHub makes code vulnerability scanning feature public

One year after acquiring software security scanning specialist Semmle, and following a successful five-month beta process, GitHub is making its CodeQL code scanning capabilities available publicly, ...
Bleeping Computer

GitHub makes it easier to scan your code for vulnerabilities

GitHub has introduced a new option to set up code scanning for a repository known as "default setup," designed to help developers configure it automatically with just a few clicks. While the CodeQL ...
InfoWorld

GitHub makes CodeQL free for research and open source

CodeQL, a semantic code analysis engine and query tool for finding security vulnerabilities across a codebase, has been made available for free by GitHub for anyone to use in research or to analyze ...