GitHub launches code scanning to unearth vulnerabilities early

GitHub is officially launching a new code-scanning tool today, designed to help developers identify vulnerabilities in their code before it’s deployed to the public.

The new feature is the result of an acquisition last year when GitHub snapped up San Francisco-based code analysis platform Semmle; the Microsoft-owned code-hosting platform revealed at the time that it would make Semmle’s CodeQL analysis engine available natively across all open source and enterprise repositories. After several months in beta, code scanning is now rolling out to all developers.

Breaches

It’s estimated that some 60% of security breaches involve unpatched vulnerabilities. Moreover, 99% of all software projects are believed to contain at least one open source component, meaning that dodgy code can have a significant knock-on impact for many companies.

Typically, fixing vulnerabilities requires a researcher to first find the vulnerability and disclose it to the repository maintainer, who fixes the issue and alerts the


Cancer’s hidden vulnerabilities — ScienceDaily

One of the biggest challenges to the development of medical treatments for cancer is the fact that there is no single kind of cancer. Cancers derive from many kinds of cells and tissues, and each has its own characteristics, behaviors, and susceptibilities to anti-cancer drugs. A treatment that works on colon cancer might have little to no effect on lung cancer, for example.

So, to create effective treatments for a cancer, scientists seek insight into what makes its cells tick. In a new paper appearing in Nature Communications, Caltech researchers show that a framework they developed, using a specialized type of microscopy, allows them to probe the metabolic processes inside cancer cells.

The work was conducted by researchers from the laboratory of Lu Wei, assistant professor of chemistry, as well as from the Institute for Systems Biology in Seattle and UCLA. It utilizes a technique called Raman spectroscopy in conjunction
