
The Cyber Security News


GitHub Adds Features to Automate Vulnerability Code Scanning

January 10, 2023

Hosting service GitHub has added a new feature to automatically set up code scanning on repositories.

Called ‘default setup,’ the new functionality simplifies getting started with code scanning on repositories that use Python, JavaScript and Ruby.

“You can now enable code scanning in just a few clicks and without the need to use a .yaml file, helping open source builders and enterprises streamline code scanning setup so they can secure more of their computer software,” the company wrote in a blog post on Monday.


The new feature is now available in the ‘Code security and analysis’ section under the ‘Security’ heading in the ‘Settings’ tab of repositories.

“Once enabled, you will immediately start getting insights from code scanning in your code to help you find and fix vulnerabilities immediately without disrupting your workflow,” wrote GitHub product marketer Walker Chabbott.

The company also clarified that manual scanning through a .yaml file is still possible but now sits under an ‘Advanced’ option, which allows customized code scanning.

“If the repository does not support default setup, the option will be grayed out,” Chabbott added.

By clicking on ‘Default’, on the other hand, users will immediately see a tailored configuration summary based on the repository’s contents.

“This includes the languages detected in the repository, the query packs that will be used, and the events that will trigger scans. In the future, these options will be customizable,” Chabbott explained.

“After examining the configuration, you click ‘Enable CodeQL,’ and code scanning will automatically run on the repository. It’s that straightforward!”

According to GitHub, the new feature is part of the company’s efforts to build security tools that provide a frictionless experience for developers.

To this end, the company began offering the enablement of secret scanning and Dependabot in the second half of 2022.

In other GitHub security news, the company began implementing two-factor authentication (2FA) in May 2022 and, more recently, private vulnerability reporting.


Some parts of this article are sourced from:
www.infosecurity-journal.com
