CATEGORIES
home News

Microsoft CodeQL Tools Goes Open Source To Aid Firms With Solorigate Threat Analysis

by Nathan OrdFriday, February 26, 2021, 12:22 PM EDT
microsoft releases code to help hunt for solarigate
Now that Microsoft’s investigation into the Solorigate hack has concluded, it is time to pick up the pieces and plot a [secure] path forward. In doing this, Microsoft has internally utilized several tools, including CodeQL, to hunt for Solorigate activity. Microsoft, however, “believes in leading with transparency and sharing intelligence with the community for the betterment of security practices and posture across the industry as a whole,” and is subsequently sharing its tools to help other companies in hunting Solorigate.

According to Microsoft’s blog post, CodeQL is “a powerful semantic code analysis engine” which works by a two-pronged approach. When code is compiled, CodeQL builds a database that grabs a model of that code. Once the database is constructed, one can query it like a regular database but with complex code conditions as the query.

microsoft releases code to help hunt for solarigate process
Microsoft's CodeQL Process

This two-pronged approach from CodeQL is of particular use to Microsoft as it “unlocks many useful scenarios, including being able to use static analysis not just for proactive Secure Development Lifecycle analysis but also for reactive code inspection across the enterprise.” Moreover, the CodeQL databases from multiple codebases can be compiled and searched across, making security easier overall.

Ultimately, while CodeQL can be used for other vulnerability hunting, the new Solorigate queries Microsoft authored will hopefully help the thousands of companies affected by the hack. If you believe you need to use CodeQL, you can find out more about Microsoft’s contributions at the GitHub page for CodeQL and start threat hunting today.
Tags:  Microsoft, security, cybersecurity, (nasdaq:msft), solarigate
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment