Securing your code with CodeQL with Sasha Rosenbaum!

OWASP DevSlop Project

CodeQL is a semantic code analysis engine that helps you identify security vulnerabilities and bad patterns in your code by querying your code as if it were data. CodeQL queries are community-powered, so you can build on the work of the security research community as well as add your own research. And now, you can even run CodeQL in the cloud using GitHub Actions, with minimal setup and no dedicated servers required. And, of course, CodeQL is free for open source projects!

Sasha is a Program Manager on the Azure DevOps engineering team, focused on improving the alignment of the product with open source software.
Sasha is a co-organizer of the DevOps Days Chicago and the DeliveryConf conferences, and recently published a book on Serverless computing in Azure with .NET.

You can find Sasha on social media: