Skip to content

CodeQL Query Writing Tailored Workshop

Overview

One of the most compelling aspects of CodeQL is its extensibility. Rather than being limited to a set of out of the box functions, new functionality can be added by authoring new queries using a powerful and comprehensive programming language called QL. Having the ability to author new CodeQL queries has a number of advantages such as being able to find new security vulnerabilities and being able to model new frameworks and codebases to provide higher-fidelity query results.

An important aspect of being successful with CodeQL is an ability to design and write new CodeQL queries that solve new problems not addressed by the out of the box queries provided with CodeQL. In addition to our CodeQL Query Writing Training, which offers a fixed set of courses the you can select from, this offering provides you with a way to request and participate in workshops tailored to the unique business and technical challenges of your organization.

In this offering, you will discuss your goals with a CodeQL Analysis Engineer who will in turn compose a workshop tailored to your goals and requirements. The workshop will be delivered in the same 2 hour format as the CodeQL Query Writing Trainings but designed to address the needs that are tailored do your organization and technical challenges.

Target Audience

  • Security Researchers
  • Application Security Teams
  • Software Engineering Technical Leads

Key Features and Benefits

  • A guided interactive training with a CodeQL expert to gain a deeper understanding of CodeQL.
  • Focused on a query writing topic of your choice.
  • Learn reusable patterns for query development for similar problems.
  • Receive example CodeQL databases, queries and learning material for continuing your learning after the session.

Syllabus

  1. A kick-off and discovery call to identify and refine the topic of the workshop. Please bring any supporting material with you - e.g. samples, references or relevant codebases.
  2. Development of the workshop based on the agreed topic and scope. This will typically require 1-2 weeks.
  3. Delivery of the workshop in a single 2 hour interactive remote session. All materials will be shared with you after the session.

Learning/Business Outcomes

  • Enhanced understanding of CodeQL topics covered by the tailored training workshop.
  • Participants will be able to apply the patterns and approaches covered in the session to similar problems.
  • One or more queries identifying the example vulnerabilities or patterns to help accelerate your own query development for similar patterns.

Prerequisites

  • An identified CodeQL query writing topic. Workshops are typically structured around an example of a security vulnerability or code pattern you wish to find using CodeQL.

How can we help?

Let's build a customized solution that meets all of your needs.

This field is required.
Please enter a valid work email address.
This field is required.
This field is required.
For support questions, head to
github.com/contact