Microsoft takes over Semmle to bring its code-analysis tools to GitHub
Category: #technology |   By Saipriya Iyer |   Date: 2019-09-19

Microsoft takes over Semmle to bring its code-analysis tools to GitHub

GitHub, a subsidiary of Microsoft, has recently acquired code analysis platform provider Semmle for an undisclosed sum. The GitHub team apparently intends to integrate Semmle closely into the GitHub workflow.  

Shanku Niyogi, GitHub’s Senior VP of Product, said that just as relational databases help answer very sophisticated questions pertaining to data, Semmle makes it easier for developers and researchers to discover potential security vulnerabilities in large codebases much faster.

Majority of vulnerabilities often involve the same type of coding errors as their root cause. Semmle helps identify all variations of an error, eliminating a whole class of errors. This approach enables developers to track down a large number of issues with minimum false positives, Niyogi added.

Semmle CEO and co-founder Oege De Moor commented that GitHub is the one platform where developers of open-source find their building blocks and where open-source developers and security experts collaborate.

The Semmle technology and vision belong at GitHub, De Moor remarked.

About Semmle

For the uninitiated, Semmle’s tools help software developers and security researchers track down potential vulnerabilities in their code. The platform provides a query language that allows developers to test their code using Semmle’s analysis engine, which greatly reduces the time and effort required for manual security testing.

Sources with relevant information reported that Semmle was officially launched in 2018 through a $21 million Series B funding round led by Accel. The company had managed to raise close to $31 million prior to this acquisition.

Evidently, multinational tech majors including NASA, Microsoft, Google and Uber currently use Semmle’s code analysis tools that offer project tracking, automated code reviews and security alerts. The platform is available for free for open-source projects.

Microsoft’s acquisition of Pull Panda

Microsoft had reportedly acquired GitHub tool vendor Pull Panda in June with the apparent aim to boost code-review workflows and performance.

The Washington-based software giant had evidently integrated each of the three Pull Panda tools, which are Pull Analytics, Pull Assigner and Pull Reminders, into one exclusive GitHub Marketplace application called Pull Panda.

Records confirm that Microsoft had taken over the San Francisco-headquartered development platform GitHub in June 2018. GitHub offers the entire source code management (SCM) and distributed version control functionality of Git along with its own features.

 

Source Credit: https://techcrunch.com/2019/09/18/github-acquires-code-analysis-tool-semmle/

  • shareShare
  • Twitter
  • Facebook
  • LinkedIn


About Author

Saipriya Iyer     Twitter

Saipriya Iyer

A content developer by choice, Saipriya Iyer holds a rich experience portfolio of more than five years in the content creation domain. Equipped with substantial expertise across the business, technology, and finance domains, Saipriya currently pens down insightful art Read more...

More News By Saipriya Iyer

Infosys to open office in Calgary, aims to hire 1000 people by 2024

Infosys to open office in Calgary, aims to hire 1000 people by 2024

By Saipriya Iyer

Tech giant Infosys, which has operations in 50 countries, will set up its digital center in Gulf Canada Square. Over the next two years, Infosys aims to create 1,000 new jobs in Calgary by 2024, according to reliable reports. This was almost doubl...

Government-led initiatives can address Africa's food insecurity, claims report

Government-led initiatives can address Africa's food insecurity, claims report

By Saipriya Iyer

A new report released recently in the Rwandan capital of Kigali has urged African governments to take the lead and coordinate internal and external initiatives to address the continent’s food insecurity swiftly and comprehensively. The Allia...

Iron Pillar seeking USD 400 million to empower tech startups in India

Iron Pillar seeking USD 400 million to empower tech startups in India

By Saipriya Iyer

An investment company that is known to back tech startups, Iron Pillar, is reportedly looking to raise around USD 400 million to help boost the startup ecosystem in India. The venture capital firm is already in advanced deliberations with limited par...