
Communications of the ACM

ACM TechNews

GitHub Launches Code Scanning to Unearth Vulnerabilities Early



GitHub last week launched a code-scanning tool to help developers identify flaws in code prior to its public rollout.

A result of GitHub’s takeover last year of code analysis platform Semmle, the new tool is a static application security testing solution that converts code into a queryable format, then searches for vulnerability patterns.

The tool automatically identifies flaws and errors in code revisions in real time, alerting the developer before the code approaches production.

GitHub said that during the scanner's beta-testing phase, it scanned more than 12,000 repositories more than 1 million times, discovering 20,000 vulnerabilities; developers and maintainers corrected 72% of these errors within 30 days.

From VentureBeat

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 
