GitHub has launched a new service for finding vulnerabilities. The tool, named CodeQL, will find security vulnerabilities for free.
GitHub announces CodeQL for vulnerabilities
GitHub, one of the largest open source platforms on the internet, is helping users deal with security vulnerabilities. The CodeQL tool for this purpose has been made available to users.
With CodeQL, users can obtain information about the vulnerabilities in the code they write. This allows security gaps in the code to be fixed more quickly.
Justin Hutchings, senior product manager at GitHub, shared information about the code scanning tool. Developed by Semmle, which GitHub purchased in 2019, the tool is the most powerful of its kind, according to GitHub CEO Friedman.
In the first analysis done by CodeQL, more than 12 thousand repositories were scanned. These scans were run 1.4 million times in total, and more than 20 thousand vulnerabilities were discovered. The tool is particularly good at detecting SQL and XSS vulnerabilities.
With this tool, GitHub aims to detect security vulnerabilities in advance and prevent possible security problems.