all InfoSec news
An Extensive Comparison of Static Application Security Testing Tools
March 15, 2024, 4:10 a.m. | Matteo Esposito, Valentina Falaschi, Davide Falessi
cs.CR updates on arXiv.org arxiv.org
Abstract: Context: Static Application Security Testing Tools (SASTTs) identify software vulnerabilities to support the security and reliability of software applications. Interestingly, several studies have suggested that alternative solutions may be more effective than SASTTs due to their tendency to generate false alarms, commonly referred to as low Precision. Aim: We aim to comprehensively evaluate SASTTs, setting a reliable benchmark for assessing and finding gaps in vulnerability identification mechanisms based on SASTTs or alternatives. Method: Our SASTTs …
alarms application applications application security application security testing application security testing tools arxiv context cs.cr cs.cy cs.se identify low may reliability security security testing software software applications software vulnerabilities solutions static application security testing studies support testing testing tools tools vulnerabilities
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Engineer
@ Commit | San Francisco
Trainee (m/w/d) Security Engineering CTO Taskforce Team
@ CHECK24 | Berlin, Germany
Security Engineer
@ EY | Nicosia, CY, 1087
Information System Security Officer (ISSO) Level 3-COMM Job#455
@ Allen Integrated Solutions | Chantilly, Virginia, United States
Application Security Engineer
@ Wise | London, United Kingdom