GitHub, a San Francisco, CA-based provider of a platform to build and share code, acquired Semmle, a San Francisco, CA-based provider of a code analysis platform for finding zero-days and automating variant analysis.
The amount of the deal was not disclosed.
With the acquisition, the Semmle team, comprised of engineers and security researchers, joined GitHub.
Semmle provides a semantic code analysis engine that allows developers to write queries that identify code patterns in large codebases and search for vulnerabilities and their variants. It is used by security teams at Uber, NASA, Microsoft, Google, and has helped find thousands of vulnerabilities in some of the largest codebases in the world, as well as over 100 CVEs in open source projects to date.
Security researchers use Semmle to quickly find vulnerabilities in code with simple declarative queries. These teams then share their queries with the community to improve the safety of code in other codebases.
GitHub provides a platform to share code with others and collaborate with them. Over 31 million people use it to build software across 97+ million repositories.