InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, ...
Dark Reading

We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It

With enterprise software more dependent on open source components than ever before, a big element of modern application security is reliant on how well the open source community can shore up ...
Bleeping Computer

GitHub code scanning now finds more security vulnerabilities

Code hosting platform GitHub today launched new machine learning-based code scanning analysis features that will automatically discover more common security vulnerabilities before they end up in ...