GitHub can actively look for security holes in your code

GitHub, the Microsoft-owned code repository, has announced something that will hopefully make all our software much more secure. The platform has, after several months of testing, now launched code scanning, a system that will read through software looking for security holes. As the code is created, the system will now scan through it, highlighting areas that could be exploited in future. The hope is that, by catching errors ahead of time, the number of security incidents we all face could be reduced.

So far, GitHub has scanned 12,000 repositories 1.4 million times, with the company’s Justin Hutchings saying that it’s caught 20,000 security issues. Those included holes that would have enabled remote code execution, SQL injection and cross-site scripting, of which 72 percent were fixed in the subsequent 30 days. Given that GitHub’s public libraries can be examined, worked on and adopted by lots of other GitHub users, that’s plenty of crises averted already.
