#codeql

[ follow ]
#azure-devops #application-security #security-management #automated-scanning #sast #github-actions #semgrep #sarif
DevOps
fromAzure DevOps Blog
6 days ago

One-click security scanning and org-wide alert triage come to Advanced Security - Azure DevOps Blog

New capabilities in Azure DevOps simplify application security with one-click CodeQL setup and a unified alerts experience for security teams.
fromInfoQ
2 months ago

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has redesigned its static application security testing pipeline (SAST) to provide consistent, enforceable code scanning across a GitHub-based, multi-repository development environment. The initiative was a result of the company's shift-left strategy by delivering fast, reliable, and actionable security feedback directly in pull requests, strengthening the security of LinkedIn's code and infrastructure and helping protect members and customers.
Information security
Information security
fromscikit-learn Blog
8 months ago

scikit-learn Completes the GitHub Secure Open Source Training

scikit-learn participated in GitHub Secure Open Source Fund Cohort 2, receiving a three-week security training with public resources on CodeQL, secure development, and fuzz testing.
Artificial intelligence
fromInfoQ
10 months ago

GitHub Unveils Prototype AI Agent for Autonomous Bug Fixing

GitHub's new AI agent autonomously fixes bugs and proposes code changes, shifting from developer assistance to autonomous code maintenance.
[ Load more ]