-
CodeQL, a semantic code analysis engine, lets you query code as though it were data, offering enormous opportunities to understand and improve coding patterns, quality and security.
https://thenewstack.io/how-code-analytics-could-help-github-decipher-its-semantic-code-graph-of-open-source/ …
#opensource #codeql -
I've been really enjoying working on the
@GHSecurityLab bug bounty program. Writing #CodeQL queries to find common vulnerabilities in OSS. $3,800 so far in the past 2 months -
#codeQL-Like Analyzer for Go https://github.com/quasilyte/go-ruleguard … -
I just earned a $2,300
#BugBounty award from the @GHSecurityLab for my #CodeQL query that detects the use of HTTP instead of HTTPS to download/upload dependencies in @ASFMavenProject pom.xml files. #togetherwehitharder
Thank you GitHub Team!!
https://github.com/github/security-lab/issues/21 … -
If you haven't given
#CodeQL a shot, I highly recommend learning the language. Finding security vulnerabilities in OSS can be pretty rewarding and is good for everyone. #bugbountytips https://twitter.com/GHSecurityLab/status/1212735294010806273 … -
Also
@rschultheis gave an excellent explanation of this on the #osspodcast https://www.opensourcesecuritypodcast.com/2019/12/episode-174-github-turns-security-up-to.html … around the 24:40 mark. TL;DR: #CodeQL is so cool I can't explain how cool it is in twitter, go read @github's page: https://securitylab.github.com/tools/codeql -
It will be a two hour workshop about using
#codeql from installation to modeling and finding vulnerabilities in open source. -
#github is making code analysis engine #CodeQL freely available for #Security researchers looking to discover #vulnerabilities in open source code http://bit.ly/2OhMCrv #opensource #cybersecurite -
Check out the
@github keynote on how #Netdata uses #CodeQL to prevent vulnerabilities: https://youtu.be/VnaK_ONmtC4?t=1185 … -
"GitHub Security Lab CTF 3: XSS-unsafe jQuery plugins" https://securitylab.github.com/ctf/jquery Smart idea to get people engaged in learning
#CodeQL. -
#GitHub makes #CodeQL free for research and open source https://buff.ly/37cpfae @infoworld -
Want to learn how to find some cool
#bugs using #CodeQL? take a look at https://securitylab.github.com/research/bug-hunting-codeql-rsyslog … -
#GitHubUniverse Day 2 is all about security. The keynote saw many announcements related to securing code including GitHub Security Lab, #CodeQL, #GitHub Security Advisories, automated #security updates, GitHub Advisory Database, token scanning, and more. http://bit.ly/2Qml31u pic.twitter.com/FZwCX6LWJr
-
Impressive github news for #opensourcesoftware : 1. preserve open source software for future generations with the https://lnkd.in/edZCiFU
2. better appsec thanks to a new tool called #codeQL https://lnkd.in/eRW3BFB
https://lnkd.in/eYsaRSb -
Watch Day 2 Keynote - GitHub Universe 2019
#GitHub Security Lab is making #CodeQL freely available for anyone to find vulnerabilities in open source code. #datasecurity #cloudsecurity #infosec #cloud https://www.youtube.com/watch?v=VnaK_ONmtC4 … -
@mozsec it's a strange move to promote the closed source #CodeQL from @github ("free for FLOSS, for other uses see our sales team") in order to find VLN for your Bug bounty program. Do you remember BitKeeper and Linux kernel (before Git as... in Github)? https://blog.mozilla.org/security/2019/11/14/adding-codeql-and-clang-to-our-bug-bounty-program/ … -
And here's to caring for code quality -- https://lgtm.com/logs/c4ca51aab757c3b8e3fe1e916e51724c98b805b0/lang:java … Powered by
@Semmle who became part of Github recently. There's something about their #CodeQL too -
« As part of the GitHub Security Lab,
@Mozilla is launching a new #BugBounty program rewarding static analysis queries, including queries that identify historical, already-fixed vulnerabilities. #CodeQL #clang #news security blog https://blog.mozilla.org/security/2019/11/14/adding-codeql-and-clang-to-our-bug-bounty-program/ … https://twitter.com/TomRittervg/status/1195040519790960641 … -
As part of their involvement with the
@GHSecurityLab, Mozilla has just announced a bug bounty for security researchers that write CodeQL queries or clang-based checks!#CodeQL https://blog.mozilla.org/security/2019/11/14/adding-codeql-and-clang-to-our-bug-bounty-program/ … -
GitHub's Security Lab and CodeQL are meant to make the world's code more secure. https://www.heise.de/newsticker/meldung/GitHubs-Security-Lab-und-CodeQL-sollen-den-Code-der-Welt-sicherer-machen-4585653.html …
#CVE #CodeQL