InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, ...
ZDNet

GitHub: Now our built-in bug checker gets these third-party code-scanning tools

GitHub has released a host of third-party security tools for its just-launched code-scanning feature, which helps open-source projects nix security bugs before they hit production code. GitHub Code ...
SDxCentral

Endor Labs, 7 Others Launch Opengrep to Keep Static Code Analysis Open Source

Endor Labs has collaborated with Aikido Security, Arnica, Amplify, Kodem, Legit, Mobb, and Orca Security to introduce Opengrep, an initiative designed to maintain open access to static code analysis ...
Dark Reading

Product Watch: HP, Fortify To Offer Hybrid Analysis Of Web App Pen Testing, Code Scanning

HP and Fortify Software today announced they have further integrated analysis data between their Web application penetration-test and source-code scanning tools. The so-called Hybrid 2.0 technology, ...
VentureBeat

GitHub launches code scanning to unearth vulnerabilities early

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More GitHub is officially launching a new code-scanning tool today, designed ...