Bleeping Computer

Microsoft shares CodeQL queries to scan code for SolarWinds-like implants

Microsoft has open-sourced CodeQL queries that developers can use to scan source code for malicious implants matching the SolarWinds supply-chain attack. In December, it was disclosed that threat ...
ZDNet

Microsoft: We've open-sourced this tool we used to hunt for code by SolarWinds hackers

Microsoft is open-sourcing the CodeQL queries that it used to investigate the impact of Sunburst or Solarigate malware planted in the SolarWinds Orion software updates. Other organizations can use the ...
Neowin

Microsoft open sources CodeQL queries used in Solorigate investigation

Microsoft has open sourced the CodeQL queries that it used to identify malicious code implants from the Solorigate attack. CodeQL is an analysis engine used for code inspection, among other things.
TechRadar

Microsoft open sources code review tool used to hunt for Solarigate activity

In an effort to help other businesses analyze source code at scale, Microsoft has open sourced the CodeQL queries it used to detect indicators of compromise (IoCs) and coding patterns associated with ...
InfoQ

GitHub Enhances CodeQL, Extends Language Support, Available Queries, and More

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
InfoQ

GitHub CodeQL Code Scanning Now Supports Setting Threat Model GitHub CodeQL Code Scanning Now Supports Setting Threat Model

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...