Security News > 2020 > May > New GitHub Features Help Find Vulnerabilities and Secrets in Code
2020-05-06 16:46
GitHub on Wednesday announced two new security features designed to help developers identify vulnerabilities and potential secrets in their code.
These new security features, code scanning and secret scanning, are currently in beta.
GitHub says code scanning helps developers identify potential vulnerabilities in every "Git push," with results being displayed directly in their pull requests.
The code scanning feature leverages the CodeQL code analysis engine.
CodeQL has been offered for free to open source projects as part of an initiative announced by GitHub last year, and the company says the new code scanning feature will be free as well for open source software.