In case you missed us at #BlackHat2019, check out the recap of Fermin J. Serna's preso on finding vulns in Das U-Boot, @baron_von_ryan's #SemmleCTF challenge, and the penthouse party with our friends from IOActive, Inc hubs.ly/H0kpFxg0

We just extended the #SemmleCTF Challenge from #BlackHat until Sept 6! Simply follow these instructions to find real vulnerabilities in Das U-Boot using QL and submit your query for a chance to win a pair of these! hubs.ly/H0ksPnh0

.Fermin J. Serna shares what "open security" means to him and highlights OSS-Fuzz, GitHub and other projects which are leading the way. hubs.ly/H0klhGW0

Are unit tests really effective in preventing bugs? We analyzed over 50k LGTM projects in Java, Python, and Javascript to find out. hubs.ly/H0kBQTY0

The #SemmleCTF Challenge ends today! Last chance to submit your QL query for a chance to win wireless headphones. Winners will be announced next week... stay tuned! hubs.ly/H0kC1WS0

Are you a #Python developer? We take a look at different categories of #security concerns and how to find and fix them with QL hubs.ly/H0kHzCC0

Does a developer's emotional state of mind affect the code they write? Our data science team investigates the impact of angry devs hubs.ly/H0kLXdN0

ICYMI: QL snapshots for analysis of large open source projects are now available. If you want to perform #VariantAnalysis on large OSS projects, get more info here: hubs.ly/H0kNyk70

Today we welcome Semmle to the GitHub family! We’re excited to bring the world’s most powerful semantic code engine to the world’s largest developer community🔥 github.co/305z9tC

4/7 LGTM.com remains available and free for open source. Try it on your own projects, and let us know how it works for you!

Big news! Semmle is joining the @Github team to bring community-powered security analysis to millions of developers. Learn more from Semmle CEO Oege de Moor here: hubs.ly/H0kQZ2y0

Ever wish you had an extra team member to review each pull request with laser focus on security? Join a live discussion and demo with Semmle's Oege de Moor (CEO and founder) and Fermin J. Serna (CSO) on community-powered secure development. github.co/2O9JmyL

See how you can use a known vulnerability to find entire classes of that bug in your code base. Check out this blog post: hubs.ly/H0kVRzV0

Attending OWASP® Foundation #GlobalAppSec Amsterdam? Sam Lanning - On Mastodon Now will be talking about how to find and prevent entire classes of security vulnerabilities tomorrow. hubs.ly/H0kYwjQ0

Now in beta! LGTM is supporting Golang and we have some projects that you can explore. Check them out and suggest others you'd like us to analyze. hubs.ly/H0l167w0

Welcome to the GitHub Security Lab GitHub Security Lab! Join us and contribute to secure the world's code! Visit securitylab.github.com

Check out the GitHub Security Lab bounty program! securitylab.github.com/bounties. Write a query, find bugs, get rewarded.

Want to challenge your vulnerability hunting skills? Try our latest Capture The Flag and discover XSS-unsafe jQuery plugins: securitylab.github.com/ctf/jquery

Learn how our security researcher Nico Waisman found wireless vulnerabilities in the Linux Kernel, and variants, thanks to CodeQL: securitylab.github.com/research/anato…

ICYMI: We're running a CTF until December 31st. Write a CodeQL query to find a specific class of DOM-based XSS vulns. The 2 best submissions will win Nintendo Switches, and 10 additional entries will receive coupons that can be used for GitHub Swag. securitylab.github.com/ctf/jquery