Microsoft acquires Semmle to bring its code-analysis tools to GitHub
Semmle's team and tools are now a part of GitHub.
What you need to know
- Microsoft today announced that it has acquired Semmle and plans to integrate its team with GitHub.
- Semmle is the company behind a code analysis engine used by NASA, Microsoft, Google, and more.
- Semmle's tools have been used to find vulnerabilities "some of the largest codebases in the world," Microsoft says.
Microsoft announced the acquisition of Semmle, a company that develops code analysis tools for companies and organizations ranging from NASA and Microsoft to Google and Microsoft. Semmle will join GitHub, which Microsoft acquired last year for 7.5 billion.
Semmle began life in 2006 and set out to develop tools that treat "code as data," according to the company's blog post announcing the acquisition. "Semmle's revolutionary semantic code analysis engine allows developers to write queries that identify code patterns in large codebases and search for vulnerabilities and their variants," GitHub explaines in its own blog post.
Security researchers can use Semmle to "quickly find vulnerabilities in code with simple declartive queries," Microsoft says. Those results are then shared through the Semmle community to help improve code quickly across different codebases.
Semmle says that current Semmle users won't see a disruption as part of the acqisition:
On GitHub's side of things, Semmle's platform will see deeper integration throughout the platform.
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl.