codeql

Powers security researchers around the world, as well as code scanning.

Discover vulnerabilities across a codebase with CodeQL, our industry-leading semantic code analysis engine. CodeQL lets you query code as though it were data. Write a query to find all variants of a vulnerability, eradicating it forever. Then share your query to help others do the same.

CodeQL analysis consists of three steps:
1/ Preparing the code, by creating a CodeQL database
2/ Running CodeQL queries against the database
3/ Interpreting the query results
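
Step 3 in practice, as an added example that is not code from the CodeQL project: a Python script that groups the alerts in a SARIF results file by rule and ranks them by security severity. It assumes the analysis was written as SARIF with rule metadata under `tool.driver.rules`; the database name, file names and the sample data are constructed placeholders.

```python
import json
from collections import defaultdict

# Steps 1 and 2 run in the CodeQL CLI beforehand (my-db and results.sarif are placeholders):
#   codeql database create my-db --language=python --source-root=.
#   codeql database analyze my-db --format=sarif-latest --output=results.sarif

def _result(rule_id, text, uri, line):
    """Build one SARIF result object for the constructed sample below."""
    return {"ruleId": rule_id, "message": {"text": text},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": uri}, "region": {"startLine": line}}}]}

# Constructed SARIF 2.1.0 sample (not real scan output), trimmed to the fields read below.
SAMPLE_SARIF = json.dumps({"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "CodeQL", "rules": [
        {"id": "py/sql-injection", "properties": {"security-severity": "8.8"}},
        {"id": "py/unused-import", "properties": {"problem.severity": "recommendation"}},
    ]}},
    "results": [
        _result("py/sql-injection", "Query built from user input.", "app/db.py", 42),
        _result("py/unused-import", "Import of 'os' is not used.", "app/util.py", 3),
        _result("py/sql-injection", "Query built from user input.", "app/views.py", 17),
    ],
}]})

def summarize(sarif_text, min_security_severity=0.0):
    """Return [((rule_id, score), [(file, line, message), ...]), ...], highest score first."""
    grouped = defaultdict(list)
    for run in json.loads(sarif_text).get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        rules = {r["id"]: r.get("properties", {}) for r in driver.get("rules", [])}
        for res in run.get("results", []):
            rule_id = res.get("ruleId", "<unknown>")
            # Rules without a security-severity property (quality rules) score 0.0.
            score = float(rules.get(rule_id, {}).get("security-severity", 0.0))
            if score < min_security_severity:
                continue
            for loc in res.get("locations") or [{}]:  # keep alerts that carry no location
                phys = loc.get("physicalLocation", {})
                grouped[(rule_id, score)].append((
                    phys.get("artifactLocation", {}).get("uri", "<no file>"),
                    phys.get("region", {}).get("startLine", 0),
                    res.get("message", {}).get("text", "")))
    return sorted(grouped.items(), key=lambda kv: (-kv[0][1], kv[0][0]))

if __name__ == "__main__":
    for (rule, score), hits in summarize(SAMPLE_SARIF):
        print(f"{rule} (security-severity {score}): {len(hits)} alert(s)")
```

Passing a threshold such as `summarize(text, 7.0)` keeps only the rules a triage queue would treat as high severity.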