Multi-cluster visualization and live reporting of Static Analysis Security Testing (SAST) warnings

被引：0

作者：

Pathak, Abhishek ^{[1
]}

Sivakumar, Kaarthik ^{[1
]}

Haque, Mazhar ^{[1
]}

Ganesan, Prasanna ^{[1
]}

机构：

[1] Cisco Syst Inc, San Jose, CA 95134 USA

来源：

2019 IEEE SECURE DEVELOPMENT (SECDEV 2019) | 2019年

关键词：

static analysis; static analysis cluster setup; security; multi cluster visualization; org hierarchy based report;

D O I：

10.1109/SecDev.2019.00028

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

This short paper discusses a case study of multi cluster visualization of Static Analysis Security Testing (SAST) warnings in large clusters catering to a majority of Cisco products in hierarchical organizational and checker views. This serves as a one stop shop for real-time visualization of Static Analysis (SA) warning trends, chart, downloading reports, and to effectively address the potential security weaknesses detected. Presently leading SAST tools like Coverity, codesonar, Klocwork etc do not provide inter-cluster or enterprise-wide visualization to effectively address the SA warnings.

引用

页码：145 / 145

页数：1

共 50 条

[1] Security automation for multi-cluster orchestration in Kubernetes
Bringhenti, Daniele
Sisto, Riccardo
Valenza, Fulvio
[J]. 2023 IEEE 9TH INTERNATIONAL CONFERENCE ON NETWORK SOFTWARIZATION, NETSOFT, 2023, : 480 - 485
[2] Semgrep*: Improving the Limited Performance of Static Application Security Testing (SAST) Tools
Bennett, Gareth
Hall, Tracy
Winter, Emily
Counsell, Steve
[J]. PROCEEDINGS OF 2024 28TH INTERNATION CONFERENCE ON EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING, EASE 2024, 2024, : 614 - 623
[3] Comparison and Evaluation on Static Application Security Testing (SAST) Tools for Java']Java
Li, Kaixuan
Chen, Sen
Fan, Lingling
Feng, Ruitao
Liu, Han
Liu, Chengwei
Liu, Yang
Chen, Yixiang
[J]. PROCEEDINGS OF THE 31ST ACM JOINT MEETING EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING, ESEC/FSE 2023, 2023, : 921 - 933
[4] An empirical study of security warnings from static application security testing tools
Aloraini, Bushra
Nagappan, Meiyappan
German, Daniel M.
Hayashi, Shinpei
Higo, Yoshiki
[J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2019, 158
[5] Vulnerabilities mapping based on OWASP-SANS: A survey for static application security testing (SAST)
Li, Jinfeng
[J]. Annals of Emerging Technologies in Computing, 2020, 4 (03) : 1 - 8
[6] Analysis of interconnection networks in heterogeneous multi-cluster systems
Javadi, Bahman
Abawajy, Jemal H.
Akbari, Mohammad K.
Nahavandi, Saeid
[J]. 2006 INTERNATIONAL CONFERENCE ON PARALLEL PROCESSING WORKSHOPS, PROCEEDINGS, 2006, : 115 - +
[7] DeepGraph: Multi-Cluster Interactive Visualization of Complex Networks in a Learned Representation Space
Sun, Yidan
Kejriwal, Mayank
[J]. PROCEEDINGS OF THE 2023 IEEE/ACM INTERNATIONAL CONFERENCE ON ADVANCES IN SOCIAL NETWORKS ANALYSIS AND MINING, ASONAM 2023, 2023, : 427 - 430
[8] Performance analysis of interconnection networks for multi-cluster systems
Javadi, B
Abawajy, JH
Akbari, MK
[J]. COMPUTATIONAL SCIENCE - ICCS 2005, PT 3, 2005, 3516 : 205 - 212
[9] A performance model for analysis of heterogeneous multi-cluster systems
Javadi, Bahman
Akbari, Mohammad K.
Abawajy, Jemal H.
[J]. PARALLEL COMPUTING, 2006, 32 (11-12) : 831 - 851
[10] Multi-cluster computing interconnection network performance modeling and analysis
Javadi, Bahman
Akbari, Mohammad K.
Abawajy, Jemal H.
[J]. FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2009, 25 (07): : 737 - 746

← 1 2 3 4 5 →