GitHub announces GitHub Security Lab, which unites security researchers, maintainers, and companies across the industry to secure open-source applications.

GitHub is a platform that provides hosting for software development. It was founded in 2008 and acquired by Microsoft on Oct 26, 2018. The platform has more than 40 million registered users and more than 100 million repositories.

CodeQL Code Analysis Engine

As part of the GitHub Security Lab, the company is making its semantic code analysis engine, CodeQL, free for anyone to use to detect vulnerabilities in open-source applications.

CodeQL is used by several security research teams around the world to perform semantic analysis of code, and GitHub alone has used the tool to report more than 100 CVEs.

It is a powerful tool for discovering a bad pattern and then using similar patterns to find the error across the entire codebase.

Also, they announced the GitHub Advisory Database, which lists the advisories created on GitHub and also data associated with the packages.

GitHub Security Lab

“GitHub Security Lab’s mission is to inspire and enable the global security research community to secure the world’s code,” reads the blog post.

GitHub invites researchers across thousands of companies to help with GitHub Security Lab and CodeQL. The following companies are donating expertise to find vulnerabilities in open-source software.

The companies are F5, Google, HackerOne, Intel, IOActive, J.P. Morgan, LinkedIn, Microsoft, Mozilla, NCC Group, Oracle, Trail of Bits, Uber and VMware.

If you are an individual security researcher or a group and you want to help, you can join the community and work together.

“We’re excited to have an initial set of partners that have all committed to achieving this goal. Together, we’re contributing tools, resources, bounties, and thousands of hours of security research to help secure the open-source ecosystem.”

Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.