Vulnerabilities mapping based on OWASP-SANS: A survey for static application security testing (SAST)

Cited by: 0
Authors
Li, Jinfeng [1]
Affiliation
[1] Department of Electrical and Electronic Engineering, Imperial College London, London, United Kingdom
Keywords
21;
DOI
10.33166/AETiC.2020.03.001
Pages: 1 / 8
Related papers
50 items in total
  • [1] Semgrep*: Improving the Limited Performance of Static Application Security Testing (SAST) Tools
    Bennett, Gareth
    Hall, Tracy
    Winter, Emily
    Counsell, Steve
    [J]. PROCEEDINGS OF 2024 28TH INTERNATIONAL CONFERENCE ON EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING, EASE 2024, 2024, : 614 - 623
  • [2] Comparison and Evaluation on Static Application Security Testing (SAST) Tools for Java
    Li, Kaixuan
    Chen, Sen
    Fan, Lingling
    Feng, Ruitao
    Liu, Han
    Liu, Chengwei
    Liu, Yang
    Chen, Yixiang
    [J]. PROCEEDINGS OF THE 31ST ACM JOINT MEETING EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING, ESEC/FSE 2023, 2023, : 921 - 933
  • [3] Evaluation of Common Security Vulnerabilities of State Universities and Colleges Websites Based on OWASP
    Flores, Carlos P., Jr.
    Monreal, Richard N.
    [J]. JOURNAL OF ELECTRICAL SYSTEMS, 2024, 20 (05) : 1396 - 1404
  • [4] Benchmarking Approach to Compare Web Applications Static Analysis Tools Detecting OWASP Top Ten Security Vulnerabilities
    Bermejo Higuera, Juan R.
    Bermejo Higuera, Javier
    Sicilia Montalvo, Juan A.
    Cubo Villalba, Javier
    Nombela Perez, Juan Jose
    [J]. CMC-COMPUTERS MATERIALS & CONTINUA, 2020, 64 (03) : 1555 - 1577
  • [5] A survey of static code analysis methods for security vulnerabilities detection
    Kulenovic, Melina
    Donko, Dzenana
    [J]. 2014 37TH INTERNATIONAL CONVENTION ON INFORMATION AND COMMUNICATION TECHNOLOGY, ELECTRONICS AND MICROELECTRONICS (MIPRO), 2014, : 1381 - 1386
  • [6] Web Application Security Education Platform Based on OWASP API Security Project
    Idris, Muhammad
    Syarif, Iwan
    Winarno, Idris
    [J]. EMITTER-INTERNATIONAL JOURNAL OF ENGINEERING TECHNOLOGY, 2022, 10 (02) : 246 - 261
  • [7] Multi-cluster visualization and live reporting of Static Analysis Security Testing (SAST) warnings
    Pathak, Abhishek
    Sivakumar, Kaarthik
    Haque, Mazhar
    Ganesan, Prasanna
    [J]. 2019 IEEE SECURE DEVELOPMENT (SECDEV 2019), 2019, : 145 - 145
  • [8] A survey of static analysis methods for identifying security vulnerabilities in software systems
    Pistoia, M.
    Chandra, S.
    Fink, S. J.
    Yahav, E.
    [J]. IBM SYSTEMS JOURNAL, 2007, 46 (02) : 265 - 288
  • [9] APSET, an Android aPplication SEcurity Testing tool for detecting intent-based vulnerabilities
    Sébastien Salva
    Stassia R. Zafimiharisoa
    [J]. International Journal on Software Tools for Technology Transfer, 2015, 17 : 201 - 221
  • [10] APSET, an Android aPplication SEcurity Testing tool for detecting intent-based vulnerabilities
    Salva, Sebastien
    Zafimiharisoa, Stassia R.
    [J]. INTERNATIONAL JOURNAL ON SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER, 2015, 17 (02) : 201 - 221