diff --git a/change-notes/2020-07-22-ssh-host-checking.md b/change-notes/2020-07-22-ssh-host-checking.md
new file mode 100644
index 00000000000..7f83626bf0e
--- /dev/null
+++ b/change-notes/2020-07-22-ssh-host-checking.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Query "Use of insecure HostKeyCallback implementation" (`go/insecure-hostkeycallback`) is promoted from experimental status. This checks for insecurely omitting SSH host-key verification.
diff --git a/ql/src/experimental/CWE-322/InsecureHostKeyCallback.qhelp b/ql/src/Security/CWE-322/InsecureHostKeyCallback.qhelp
similarity index 100%
rename from ql/src/experimental/CWE-322/InsecureHostKeyCallback.qhelp
rename to ql/src/Security/CWE-322/InsecureHostKeyCallback.qhelp
diff --git a/ql/src/experimental/CWE-322/InsecureHostKeyCallback.ql b/ql/src/Security/CWE-322/InsecureHostKeyCallback.ql
similarity index 100%
rename from ql/src/experimental/CWE-322/InsecureHostKeyCallback.ql
rename to ql/src/Security/CWE-322/InsecureHostKeyCallback.ql
diff --git a/ql/src/experimental/CWE-322/InsecureHostKeyCallbackExample.go b/ql/src/Security/CWE-322/InsecureHostKeyCallbackExample.go
similarity index 100%
rename from ql/src/experimental/CWE-322/InsecureHostKeyCallbackExample.go
rename to ql/src/Security/CWE-322/InsecureHostKeyCallbackExample.go
diff --git a/ql/src/experimental/CWE-322/SecureHostKeyCallbackExample.go b/ql/src/Security/CWE-322/SecureHostKeyCallbackExample.go
similarity index 100%
rename from ql/src/experimental/CWE-322/SecureHostKeyCallbackExample.go
rename to ql/src/Security/CWE-322/SecureHostKeyCallbackExample.go
diff --git a/ql/test/experimental/CWE-322/InsecureHostKeyCallback.qlref b/ql/test/experimental/CWE-322/InsecureHostKeyCallback.qlref
deleted file mode 100644
index 006d685c747..00000000000
--- a/ql/test/experimental/CWE-322/InsecureHostKeyCallback.qlref
+++ /dev/null
@@ -1 +0,0 @@
-experimental/CWE-322/InsecureHostKeyCallback.ql
\ No newline at end of file
diff --git a/ql/test/experimental/CWE-322/InsecureHostKeyCallback.expected b/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.expected
similarity index 100%
rename from ql/test/experimental/CWE-322/InsecureHostKeyCallback.expected
rename to ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.expected
diff --git a/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.qlref b/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.qlref
new file mode 100644
index 00000000000..b5f8712594d
--- /dev/null
+++ b/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.qlref
@@ -0,0 +1 @@
+Security/CWE-322/InsecureHostKeyCallback.ql
diff --git a/ql/test/experimental/CWE-322/InsecureHostKeyCallbackExample.go b/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallbackExample.go
similarity index 100%
rename from ql/test/experimental/CWE-322/InsecureHostKeyCallbackExample.go
rename to ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallbackExample.go
diff --git a/ql/test/experimental/CWE-322/go.mod b/ql/test/query-tests/Security/CWE-322/go.mod
similarity index 100%
rename from ql/test/experimental/CWE-322/go.mod
rename to ql/test/query-tests/Security/CWE-322/go.mod
diff --git a/ql/test/experimental/CWE-322/vendor/golang.org/LICENSE b/ql/test/query-tests/Security/CWE-322/vendor/golang.org/LICENSE
similarity index 100%
rename from ql/test/experimental/CWE-322/vendor/golang.org/LICENSE
rename to ql/test/query-tests/Security/CWE-322/vendor/golang.org/LICENSE
diff --git a/ql/test/experimental/CWE-322/vendor/golang.org/x/crypto/ssh/stub.go b/ql/test/query-tests/Security/CWE-322/vendor/golang.org/x/crypto/ssh/stub.go
similarity index 100%
rename from ql/test/experimental/CWE-322/vendor/golang.org/x/crypto/ssh/stub.go
rename to ql/test/query-tests/Security/CWE-322/vendor/golang.org/x/crypto/ssh/stub.go
diff --git a/ql/test/experimental/CWE-322/vendor/modules.txt b/ql/test/query-tests/Security/CWE-322/vendor/modules.txt
similarity index 100%
rename from ql/test/experimental/CWE-322/vendor/modules.txt
rename to ql/test/query-tests/Security/CWE-322/vendor/modules.txt