The Microsoft affiliate of GitHub announced today that it has become a CVE Numbering Authority and that it has completed the acquisition of the Semmle code analysis platform.
Semmle's analytical mechanism, QL, simplifies the process of finding variations of the same coding error
GitHub improves the error scanning process
GitHub plans to add Semmle technology to its services and improve code development and the process of discovering the vulnerability of its users.
Semmle treats source code as data and enables the identification of entire vulnerability classes at a much faster rate than traditional code analysis methods. The product is now used by major organizations such as Google, Uber, Microsoft and NASA.
GitHub plans to integrate Semmle into its services and provide 36 million platform developers with the opportunity to check their error code before launching the product. This is in the early stages.  Easier Error Reporting, Tracking, and Correction
Today, GitHub is a Common Vulnerability and Exposure Numbering System (CVE) or CNA, which means it can assign vulnerability identifiers.
Security consulting open on the platform can now be tracked more easily and researchers, supporters and developers can better collaborate to remove security issues.
It is worth noting that GitHub has already caused vulnerabilities in the reports received to confirm the impact and affected users before launching alerts.
With these changes, GitHub is stepping up its role in cybersecurity, offering its enormous core services to developers to detect vulnerabilities in their faster-speed projects, bug tracking and automation of dependency patches.