Microsoft takes over Semmle to bring its code-analysis tools to GitHub
Category: #technology  By Saipriya Iyer  Date: 2019-09-19
  • share
  • Twitter
  • Facebook
  • LinkedIn

Microsoft takes over Semmle to bring its code-analysis tools to GitHub

GitHub, a subsidiary of Microsoft, has recently acquired code analysis platform provider Semmle for an undisclosed sum. The GitHub team apparently intends to integrate Semmle closely into the GitHub workflow.  

Shanku Niyogi, GitHub’s Senior VP of Product, said that just as relational databases help answer very sophisticated questions pertaining to data, Semmle makes it easier for developers and researchers to discover potential security vulnerabilities in large codebases much faster.

Majority of vulnerabilities often involve the same type of coding errors as their root cause. Semmle helps identify all variations of an error, eliminating a whole class of errors. This approach enables developers to track down a large number of issues with minimum false positives, Niyogi added.

Semmle CEO and co-founder Oege De Moor commented that GitHub is the one platform where developers of open-source find their building blocks and where open-source developers and security experts collaborate.

The Semmle technology and vision belong at GitHub, De Moor remarked.

About Semmle

For the uninitiated, Semmle’s tools help software developers and security researchers track down potential vulnerabilities in their code. The platform provides a query language that allows developers to test their code using Semmle’s analysis engine, which greatly reduces the time and effort required for manual security testing.

Sources with relevant information reported that Semmle was officially launched in 2018 through a $21 million Series B funding round led by Accel. The company had managed to raise close to $31 million prior to this acquisition.

Evidently, multinational tech majors including NASA, Microsoft, Google and Uber currently use Semmle’s code analysis tools that offer project tracking, automated code reviews and security alerts. The platform is available for free for open-source projects.

Microsoft’s acquisition of Pull Panda

Microsoft had reportedly acquired GitHub tool vendor Pull Panda in June with the apparent aim to boost code-review workflows and performance.

The Washington-based software giant had evidently integrated each of the three Pull Panda tools, which are Pull Analytics, Pull Assigner and Pull Reminders, into one exclusive GitHub Marketplace application called Pull Panda.

Records confirm that Microsoft had taken over the San Francisco-headquartered development platform GitHub in June 2018. GitHub offers the entire source code management (SCM) and distributed version control functionality of Git along with its own features.

 

Source Credit: https://techcrunch.com/2019/09/18/github-acquires-code-analysis-tool-semmle/

  • share
  • Twitter
  • Facebook
  • LinkedIn


About Author

Saipriya Iyer    

Saipriya Iyer

A content developer by choice, Saipriya Iyer holds a rich experience portfolio of more than five years in the content creation domain. Equipped with substantial expertise across the business, technology, and finance domains, Saipriya currently pens down insightful art...

Read More

More News By Saipriya Iyer

SoftBank walks out of Wirecard deal amid mismanagement allegations
SoftBank walks out of Wirecard deal amid mismanagement allegations
By Saipriya Iyer

Japanese conglomerate SoftBank Corporation has reportedly announced that it is looking to distance itself from the German payments company, Wirecard, due to an ongoing scandal involving the issue of money and cooked books. According to SoftBank, it ...

RAD adds new mask detection feature to its autonomous security system
RAD adds new mask detection feature to its autonomous security system
By Saipriya Iyer

Artificial Intelligence Technology Solutions has reportedly announced that its robotics arm, Robotic Assistance Devices, has added an advanced mask detection feature to its property management and autonomous security devices. This system will support...

Nokia caters to expanding mobile traffic demand with Djezzy in Algeria
Nokia caters to expanding mobile traffic demand with Djezzy in Algeria
By Saipriya Iyer

Nokia has confirmed that it has completed a successful trial with mobile operator Djezzy Algeria, for supporting the growing need for network capacity, with the use of microwave carrier aggregation technology. In the trial, Nokia used its Wavence mic...