Security News > 2021 > February > Microsoft shares CodeQL queries to scan code for SolarWinds-like implants
Microsoft has open-sourced CodeQL queries that developers can use to scan source code for malicious implants matching the SolarWinds supply-chain attack.
To make sure the attackers did not modify their code, Microsoft created CodeQL queries that were used to scan their codebase for malicious implants matching the SolarWinds IOCs.
Today, Microsoft has released their SolarWinds CodeQL queries so that users can scan their source code for potential malicious implants.
Semantic code analysis does not check whether source code is syntactically correct but instead matches the "Meaning" of the code.
Developers can then share CodeQL queries publicly to allow other devs to scan their code for similar functionality.
With Microsoft's release of SolarWinds CodeQL queries, developers can scan their source codebase for functionality or syntactic code elements that match those used by the malicious implants from the SolarWinds attack.