Microsoft takes over Semmle to bring its code-analysis tools to GitHub
Category: #technology  By Saipriya Iyer  Date: 2019-09-19
  • share
  • Twitter
  • Facebook
  • LinkedIn

Microsoft takes over Semmle to bring its code-analysis tools to GitHub

GitHub, a subsidiary of Microsoft, has recently acquired code analysis platform provider Semmle for an undisclosed sum. The GitHub team apparently intends to integrate Semmle closely into the GitHub workflow.  

Shanku Niyogi, GitHub’s Senior VP of Product, said that just as relational databases help answer very sophisticated questions pertaining to data, Semmle makes it easier for developers and researchers to discover potential security vulnerabilities in large codebases much faster.

Majority of vulnerabilities often involve the same type of coding errors as their root cause. Semmle helps identify all variations of an error, eliminating a whole class of errors. This approach enables developers to track down a large number of issues with minimum false positives, Niyogi added.

Semmle CEO and co-founder Oege De Moor commented that GitHub is the one platform where developers of open-source find their building blocks and where open-source developers and security experts collaborate.

The Semmle technology and vision belong at GitHub, De Moor remarked.

About Semmle

For the uninitiated, Semmle’s tools help software developers and security researchers track down potential vulnerabilities in their code. The platform provides a query language that allows developers to test their code using Semmle’s analysis engine, which greatly reduces the time and effort required for manual security testing.

Sources with relevant information reported that Semmle was officially launched in 2018 through a $21 million Series B funding round led by Accel. The company had managed to raise close to $31 million prior to this acquisition.

Evidently, multinational tech majors including NASA, Microsoft, Google and Uber currently use Semmle’s code analysis tools that offer project tracking, automated code reviews and security alerts. The platform is available for free for open-source projects.

Microsoft’s acquisition of Pull Panda

Microsoft had reportedly acquired GitHub tool vendor Pull Panda in June with the apparent aim to boost code-review workflows and performance.

The Washington-based software giant had evidently integrated each of the three Pull Panda tools, which are Pull Analytics, Pull Assigner and Pull Reminders, into one exclusive GitHub Marketplace application called Pull Panda.

Records confirm that Microsoft had taken over the San Francisco-headquartered development platform GitHub in June 2018. GitHub offers the entire source code management (SCM) and distributed version control functionality of Git along with its own features.

 

Source Credit: https://techcrunch.com/2019/09/18/github-acquires-code-analysis-tool-semmle/

  • share
  • Twitter
  • Facebook
  • LinkedIn


About Author

Saipriya Iyer    

Saipriya Iyer

A content developer by choice, Saipriya Iyer holds a rich experience portfolio of more than five years in the content creation domain. Equipped with substantial expertise across the business, technology, and finance domains, Saipriya currently pens down insightful art...

Read More

More News By Saipriya Iyer

EU antitrust office inspects Apple Pay for “anti-competitive” behavior
EU antitrust office inspects Apple Pay for “anti-competitive” behavior
By Saipriya Iyer

Following Facebook’s Libra, Apple Inc’s exclusive online payments platform Apple Pay is now apparently under the European Union’s antitrust radar. The EU had expressed concerns over Facebook’s Libra cryptocurrency project ear...

Telemundo, Quibi to create exclusive news content for Hispanic viewers
Telemundo, Quibi to create exclusive news content for Hispanic viewers
By Saipriya Iyer

Telemundo, the NBC-owned Spanish-language television network, has reportedly entered into a partnership with Quibi to produce exclusive daily news programming for the mobile platform when it kicks-off in April 2020. For the uninitiated, Quibi is an ...

Avaya launches IX-CC, next-gen CCaaS on Microsoft’s Azure in the Gulf
Avaya launches IX-CC, next-gen CCaaS on Microsoft’s Azure in the Gulf
By Saipriya Iyer

The increasing prominence of the telecom industry has lent substantial traction to contact center solutions. The demand for simplifying communication mechanisms and bringing about convenience and flexibility in customer solutions has been prompting c...