
December 8, 2020 12:30:00 GMT-0800

Developer Channel

Community-powered security analysis with CodeQL

CodeQL security analysis powers GitHub code scanning and has helped identify and prevent thousands of security vulnerabilities. Through code scanning, it analyzes your pull requests and flags up security issues as early as possible. But who creates these CodeQL queries, and how do they know what to look for? For the last two years, a community of security researchers has been contributing to CodeQL queries that formalize their security knowledge. Queries written by independent researchers, enterprise security teams, and everyone in between now help protect all CodeQL users from security vulnerabilities. In this session you'll find out more about this community, the bounty programs, and the tools they use to help you secure your code, and how you can become part of it!

Sessions you might like

December 8, 2020 09:45:00 GMT-0800

Catching vulnerabilities early with GitHub

Maya Kaczorowski

Product Manager, Software Supply Chain Security, GitHub

William Bartholomew

Staff Product Manager, GitHub



December 8, 2020 11:30:00 GMT-0800

So you committed a secret...

Sasha Rosenbaum

Senior Product Manager, GitHub



December 8, 2020 12:30:00 GMT-0800

GitHub Advanced Security round-up

Justin Hutchings

Staff Product Manager - Security, GitHub


