About this event
Join the GitHub Security Meetup led by an industry expert, Josh Brown-White, Principal Security Lead at Microsoft to learn about CodeQL, while enjoying food, drinks and networking.
This session is a great occasion to connect with other security researchers, developers, and managers, by discussing all things security, with a chance to share tips and tricks.
During the session, we will take a deep dive into CodeQL learning how it helps discover vulnerabilities, powered by our industry-leading static code analysis engine. CodeQL is used by developers automating application security checks, as well as by security researchers to perform variant analysis. Learn how using CodeQL can increase security engineers productivity while automating compliance work.
With CodeQL, security vulnerabilities, bugs, and other errors are discovered running queries against a database containing queryable data extracted from a codebase. Developers can run the standard CodeQL queries, written by GitHub researchers and community contributors, as well as write their own. Walk away with knowledge about customization of queries and the power of CodeQL accuracy with low to no false positives.
- 4:00 - Check in, grab some tacos /drinks and network
- 4:45 - Introductions
- 5:00 - 5:45 - CodeQL
- 5:45 - 6:15 - Q&A with GitHub/Microsoft Security Team
- 6:15 - 7:00 - Networking
- 7:00 - Conclusion
About the Presenter Josh Brown-White, Principal Security Lead, Microsoft
Josh is a Principal Security Lead at Microsoft on their Secure Development Lifecycle Team, where he leads security researchers and detection authors who leverage static analysis and research and develop new methods to further extend it, orchestrates cross- company efforts around the security of Microsoft' s products and services, and advises on security relevant public policy for Microsoft. Prior to this role, Josh has been a trustworthy computing advisor for Windows, Azure, SQL Server, Windows Phone (RIP), and Windows Embedded, a product security architect at the payroll company, ADP, a security analyst for FedEx, and in the distant past a developer on several now long dead technologies. Josh is also a contributor to SAFECode, including contributing authorship to the SAFECode Security Fundamentals and SAFECode Threat Modeling Guidance.
GitHub Security Meetup
Tuesday, March 14, 2023
4:00 p.m. - 7:00 p.m.
Register now to save your spot!