So GitHub are becoming a CVE Numbering Authority. Nice!

— Dan Murphy (@DanHatesNumbers) September 18, 2019

Big news! Semmle is joining the @Github team to bring community-powered security analysis to millions of developers. Learn more from Semmle CEO @oegerikus here: https://t.co/iDN5RrY8J1

— Semmle (@Semmle) September 18, 2019

Holy shit, GitHub is becoming a CVE authority which will allow filing for CVE numbers directly from the web UI.

Also the new security advisory workflow is looking *sweet*!!

— yosh (@yoshuawuyts) September 18, 2019

Our mission is to build a global platform for developer collaboration. But that platform needs to be one that all of us can use to secure the world’s software, together.

Learn more on how you can help. https://t.co/I4FkD7y3Ye

— GitHub (@github) September 18, 2019

10 years ago I discovered the amazing @semmle technology and team, I knew they would make a difference in the industry. 1 year ago I was excited to join them, and today I am even more excited by the huge step we are taking by joining @github https://t.co/YKHOcRd7cD #securecode

— Xavier René-Corail (@XCorail) September 18, 2019

What a gr8 move.

I hear from ppl all the time that tell me how hard it is to get a CVE. Having @github as a CNA is critically important. https://t.co/5sGHPU0R2d

— Sean Kerner (@TechJournalist) September 18, 2019

We are @github now! \o/ https://t.co/u3N5ifHbAP

— Nico Waisman (@nicowaisman) September 18, 2019

@github would not issue CVE's for Microsoft applications as @Microsoft is already a CNA that issues their own. GitHub is allowed to issue CVE's for reported vulnerabilities assuming the vendor in question is not already a CNA (as far as I understand).

— Nathan McNulty (@NathanMcNulty) September 18, 2019

It says a lot about Github and by extension Microsoft that the overwhelming response to this announcement is positive. https://t.co/R00FBCXxCG

— Corey Quinn (@QuinnyPig) September 19, 2019

As for volume... just do a search for "fix buffer overflows" or "fix XSS" in issues and imagine them all having a nicely labelled CVE. It's an exciting time to be alive.

— Kurt Seifried (@kurtseifried) September 18, 2019

Apart from the news about acquisition of @Semmle which is a market leader in Variant Analysis, GitHub clearly sees the big picture of Application Security. Slow clap ? https://t.co/0X0A9itJnW

— Andrzej Dyjak (@andrzejdyjak) September 18, 2019

> GitHub ... is now a CVE Numbering Authority. ..Maintainers will be able to report vulnerabilities...GitHub will assign IDs & add [them] to the National Vulnerability Database.

Sounds like there'll be an influx of CVEs now. What "CVE" means is probably going to change a bit ?

— Rijnard van Tonder (@rvtond) September 18, 2019

Incredible, industry-shifting work at @github & @Semmle in helping the entire software supply chain detect, eradicate, and prevent entire classes of security vulnerabilities.
Honestly this has me hopeful that finally, we may see certain classes of bugs eradicated in my lifetime. https://t.co/sa234NzK7h

— Katie Moussouris (@k8em0) September 18, 2019

GitHub acquires code analysis tool Semmle | Microsoft’s GitHub today announced that it has acquired Semmle, a code anal ... https://t.co/5QTDLWtEZ8

— NICEBROgg (@NICEBROgg) September 18, 2019

1/7 I’m overjoyed to share that @semmle is joining @github! https://t.co/K7wTLs5WJL

— Oege de Moor (@oegerikus) September 18, 2019

A warm welcome to Oege and the rest of @Semmle! This really confirms the value of treating code as data, and on behalf of the Semantic Code team, I can't wait to see what we can build together! (And I'm also excited to have more Oxonians on the team ?) https://t.co/XKLDEWCYuC

— Douglas Creager (@dcreager) September 18, 2019

badass acquisition.. congrats to all Semmle hackers there for joining GitHub :)https://t.co/L7vXKOF6qe@fjserna @nicowaisman @agustingianni @mmolgtm @Nosoynadiemas @kevin_backhouse et al.

— Shift Red (@Shiftreduce) September 18, 2019

GitHub Becomes CVE Numbering Authority, Acquires Semmle https://t.co/cxv0g3XRLD

— Nicolas Krassas (@Dinosn) September 19, 2019

#GitHub acquires code analysis tool #Semmle - "GitHub has a “unique opportunity and responsibility to provide the tools, best practices, and infrastructure to make software development secure.” https://t.co/Jiyj4Ejp5M @techcrunch @github @asseh @faatz #code #softwaredevelopment

— Shirin Mohammadi (@shirin_moha) September 19, 2019

Microsoft’s GitHub today announced that it has acquired Semmle, a code analysis tool that helps developers and security researchers discover potential vulnerabilities in their code.https://t.co/z5uyUaW0WS pic.twitter.com/2Dl5THqJLr

— AlternativeTo (@AlternativeTo) September 19, 2019

GitHub acquires code analysis tool Semmle https://t.co/1MJTTx8TWQ

— Mark Adcock (@techforecastis) September 19, 2019

GitHub acquires Semmle which automatically analyze code for security vulnerabilities.#software #coding #security #EIIRTrendshttps://t.co/Q9eBkOmSR7 https://t.co/rlMQ4xrCVU

— Pareekh Jain (@pareekhjain) September 18, 2019

badass acquisition.. congrats to all Semmle hackers there for joining GitHub :)https://t.co/L7vXKOF6qe@fjserna @nicowaisman @agustingianni @mmolgtm @Nosoynadiemas @kevin_backhouse et al.

— Shift Red (@Shiftreduce) September 18, 2019

ほう / “GitHub acquires code analysis tool Semmle – TechCrunch” https://t.co/pXqP2jO3Sb

— Kosei Kitahara (@Surgo) September 18, 2019

GitHub acquires Semmle to help developers spot security vulnerabilities https://t.co/Bw7NpmAIrT

— TNW (@thenextweb) September 19, 2019

Microsoft는 GitHub 보안을 확대하기 위해 Semmle을 인수 https://t.co/vI2NDfdM8F
• GitHub CEO Nat Frieman은“Semmle의 혁신적인 시맨틱 코드 분석 엔진을 사용하면 개발자들이 큰 코드베이스에서 코드 패턴을 식별하고 취약점 및 그 변형을 검색하는 쿼리를 작성할 수 있습니다.

— editoy (@editoy) September 20, 2019

Big congrats to the @Semmle on their acquisition by Github. Great code = secure code. This is a?match. Congrats @oegerikus and team! https://t.co/nqWgxChn0o

— vas natarajan (@vas) September 18, 2019