GitHub's machine learning tool can detect vulnerabilities in code
Code hosting platform GitHub has launched a new machine learning-based code analysis and scanning tool. The tool automatically detects common vulnerabilities in code before they reach the final stages.
The tool is currently in public beta for JavaScript and TypeScript repos on GitHub.
"With new analysis capabilities, the code scanning engine can display more warnings for four common vulnerability patterns: cross-site scripting (XSS), path injection, NoSQL injection and SQL injection," Tiferet Gazit and Alona Hlobina of GitHub shared.
"Aggregate data shows that these four types of vulnerabilities are the cause of many recent vulnerabilities (CVEs) in the JavaScript/TypeScript ecosystem, and improving code scanning to detect these vulnerabilities early in the development process is key to helping developers write safer code."
When a vulnerability is detected, the tool displays a warning in the "Security" tab of registered repos. The alerts are labeled "Experimental" and are also available via the pull requests tab.
GitHub added the CodeQL code analysis tool to its platform after acquiring code analysis platform Semmle in September 2019. The first beta of CodeQL was announced in May 2020 and became available for everyone to test in September 2020.
During beta testing, CodeQL scanned more than 12,000 repos 1.3 million times and discovered more than 20,000 security issues, including remote code execution (RCE), SQL injection, and cross-site scripting (XSS) vulnerabilities.
CodeQL is free for public repos and available as an Advanced Security feature for GitHub Enterprise private repos.
Now, after adding machine learning, CodeQL's accuracy and code analysis capabilities will be further improved.