all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

An Extensive Comparison of Static Application Security Testing Tools

Add to bookmarks
March 15, 2024, 4:10 a.m. | Matteo Esposito, Valentina Falaschi, Davide Falessi

cs.CR updates on arXiv.org arxiv.org

arXiv:2403.09219v1 Announce Type: cross
Abstract: Context: Static Application Security Testing Tools (SASTTs) identify software vulnerabilities to support the security and reliability of software applications. Interestingly, several studies have suggested that alternative solutions may be more effective than SASTTs due to their tendency to generate false alarms, commonly referred to as low Precision. Aim: We aim to comprehensively evaluate SASTTs, setting a reliable benchmark for assessing and finding gaps in vulnerability identification mechanisms based on SASTTs or alternatives. Method: Our SASTTs …

alarms application applications application security application security testing application security testing tools arxiv context cs.cr cs.cy cs.se identify low may reliability security security testing software software applications software vulnerabilities solutions static application security testing studies support testing testing tools tools vulnerabilities

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Decentralised, Collaborative, and Privacy-preserving Machine Learning for Multi-Hospital Data 10 hours ago | arxiv.org
accuracy analysis arxiv cs.cr +17
Pruning for Protection: Increasing Jailbreak Resistance in Aligned LLMs Without Fine-Tuning 10 hours ago | arxiv.org
arxiv attacks can cs.ai +13
Relay Mining: Incentivizing Full Non-Validating Nodes Servicing All RPC Types 10 hours ago | arxiv.org
arxiv client crypto cryptographic +19
Laccolith: Hypervisor-Based Adversary Emulation with Anti-Detection 10 hours ago | arxiv.org
advanced advanced persistent threats adversary adversary emulation +18
Commercial Anti-Smishing Tools and Their Comparative Effectiveness Against Modern Threats 10 hours ago | arxiv.org
arxiv attacker attacks commercial +19
PriSampler: Mitigating Property Inference of Diffusion Models 10 hours ago | arxiv.org
arxiv attacks banking cs.cr +12
PrescientFuzz: A more effective exploration approach for grey-box fuzzing 10 hours ago | arxiv.org
arxiv box campaigns control +13
Evaluating and Mitigating Linguistic Discrimination in Large Language Models 10 hours ago | arxiv.org
arxiv can capabilities cs.ai +16
Towards Classical Software Verification using Quantum Computers 10 hours ago | arxiv.org
aid arxiv computer computers +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer

@ Commit | San Francisco
View on infosec-jobs.com

Trainee (m/w/d) Security Engineering CTO Taskforce Team

@ CHECK24 | Berlin, Germany
View on infosec-jobs.com

Security Engineer

@ EY | Nicosia, CY, 1087
View on infosec-jobs.com

Information System Security Officer (ISSO) Level 3-COMM Job#455

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Application Security Engineer

@ Wise | London, United Kingdom
View on infosec-jobs.com
View more jobs