CodeQL documentation

CodeQL training and variant analysis examples

CodeQL and variant analysis

Variant analysis is the process of using a known vulnerability as a seed to find similar problems in your code. Security engineers typically perform variant analysis to identify possible vulnerabilities and to ensure that these threats are properly fixed across multiple code bases.

CodeQL is the code analysis engine that underpins LGTM, the community driven security analysis platform. Together, CodeQL and LGTM provide continuous monitoring and scalable variant analysis for your projects, even if you don’t have your own team of dedicated security engineers. You can read more about using CodeQL and LGTM in variant analysis on the Security Lab research page.

CodeQL is easy to learn, and exploring code using CodeQL is the most efficient way to perform variant analysis.

Learning CodeQL for variant analysis

Start learning how to use CodeQL in variant analysis for a specific language by looking at the topics below. Each topic links to a short presentation on CodeQL, its libraries, or an example variant discovered using CodeQL.

When you have selected a presentation, use → and ← to navigate between slides. Press p to view the additional notes on slides that have an information icon ⓘ in the top right corner, and press f to enter full-screen mode.

The presentations contain a number of query examples. We recommend that you download CodeQL for Visual Studio Code and add the example database for each presentation so that you can find the bugs mentioned in the slides.


The presentations listed below are used in CodeQL and variant analysis training sessions run by GitHub engineers. Therefore, be aware that the slides are designed to be presented by an instructor. If you are using the slides without an instructor, please use the additional notes to help guide you through the examples.

CodeQL and variant analysis for C/C++

CodeQL and variant analysis for Java

Further reading