FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4386688462> ?p ?o ?g. }

• W4386688462 abstract "Abstract The use of static analysis security testing (SAST) tools has been increasing in recent years. However, previous studies have shown that, when shipped to end users such as development or security teams, the findings of these tools are often unsatisfying. Users report high numbers of false positives or long analysis times, making the tools unusable in the daily workflow. To address this, SAST tool creators provide a wide range of configuration options, such as customization of rules through domain-specific languages or specification of the application-specific analysis scope. In this paper, we study the configuration space of selected existing SAST tools when used within the integrated development environment (IDE). We focus on the configuration options that impact three dimensions, for which a trade-off is unavoidable, i.e., precision, recall, and analysis runtime. We perform a between-subjects user study with 40 users from multiple development and security teams - to our knowledge, the largest population for this kind of user study in the software engineering community. The results show that users who configure SAST tools are more effective in resolving security vulnerabilities detected by the tools than those using the default configuration. Based on post-study interviews, we identify common strategies that users have while configuring the SAST tools to provide further insights for tool creators. Finally, an evaluation of the configuration options of two commercial SAST tools, Fortify and CheckMarx , reveals that a quarter of the users do not understand the configuration options provided. The configuration options that are found most useful relate to the analysis scope." @default.
• W4386688462 created "2023-09-13" @default.
• W4386688462 creator A5045027342 @default.
• W4386688462 creator A5076678278 @default.
• W4386688462 creator A5077569016 @default.
• W4386688462 date "2023-09-01" @default.
• W4386688462 modified "2023-10-18" @default.
• W4386688462 title "Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study" @default.
• W4386688462 cites W1969785126 @default.
• W4386688462 cites W2017025011 @default.
• W4386688462 cites W2130758759 @default.
• W4386688462 cites W2514084604 @default.
• W4386688462 cites W2519392667 @default.
• W4386688462 cites W2646484260 @default.
• W4386688462 cites W2749587018 @default.
• W4386688462 cites W2762682773 @default.
• W4386688462 cites W2795566764 @default.
• W4386688462 cites W2803054784 @default.
• W4386688462 cites W2853432192 @default.
• W4386688462 cites W2888223970 @default.
• W4386688462 cites W2940466285 @default.
• W4386688462 cites W2961642335 @default.
• W4386688462 cites W2964817188 @default.
• W4386688462 cites W2972976146 @default.
• W4386688462 cites W3031020798 @default.
• W4386688462 cites W3217224160 @default.
• W4386688462 cites W4233410239 @default.
• W4386688462 cites W4239863959 @default.
• W4386688462 cites W4244726870 @default.
• W4386688462 cites W4254666025 @default.
• W4386688462 cites W4281737341 @default.
• W4386688462 cites W4299818415 @default.
• W4386688462 doi "https://doi.org/10.1007/s10664-023-10354-3" @default.
• W4386688462 hasPublicationYear "2023" @default.
• W4386688462 type Work @default.
• W4386688462 citedByCount "0" @default.
• W4386688462 crossrefType "journal-article" @default.
• W4386688462 hasAuthorship W4386688462A5045027342 @default.
• W4386688462 hasAuthorship W4386688462A5076678278 @default.
• W4386688462 hasAuthorship W4386688462A5077569016 @default.
• W4386688462 hasBestOaLocation W43866884621 @default.
• W4386688462 hasConcept C115903868 @default.
• W4386688462 hasConcept C134306372 @default.
• W4386688462 hasConcept C136764020 @default.
• W4386688462 hasConcept C144024400 @default.
• W4386688462 hasConcept C149923435 @default.
• W4386688462 hasConcept C177212765 @default.
• W4386688462 hasConcept C183003079 @default.
• W4386688462 hasConcept C199360897 @default.
• W4386688462 hasConcept C2522767166 @default.
• W4386688462 hasConcept C2778012447 @default.
• W4386688462 hasConcept C2908647359 @default.
• W4386688462 hasConcept C33923547 @default.
• W4386688462 hasConcept C36503486 @default.
• W4386688462 hasConcept C38652104 @default.
• W4386688462 hasConcept C41008148 @default.
• W4386688462 hasConcept C77088390 @default.
• W4386688462 hasConceptScore W4386688462C115903868 @default.
• W4386688462 hasConceptScore W4386688462C134306372 @default.
• W4386688462 hasConceptScore W4386688462C136764020 @default.
• W4386688462 hasConceptScore W4386688462C144024400 @default.
• W4386688462 hasConceptScore W4386688462C149923435 @default.
• W4386688462 hasConceptScore W4386688462C177212765 @default.
• W4386688462 hasConceptScore W4386688462C183003079 @default.
• W4386688462 hasConceptScore W4386688462C199360897 @default.
• W4386688462 hasConceptScore W4386688462C2522767166 @default.
• W4386688462 hasConceptScore W4386688462C2778012447 @default.
• W4386688462 hasConceptScore W4386688462C2908647359 @default.
• W4386688462 hasConceptScore W4386688462C33923547 @default.
• W4386688462 hasConceptScore W4386688462C36503486 @default.
• W4386688462 hasConceptScore W4386688462C38652104 @default.
• W4386688462 hasConceptScore W4386688462C41008148 @default.
• W4386688462 hasConceptScore W4386688462C77088390 @default.
• W4386688462 hasIssue "5" @default.
• W4386688462 hasLocation W43866884621 @default.
• W4386688462 hasOpenAccess W4386688462 @default.
• W4386688462 hasPrimaryLocation W43866884621 @default.
• W4386688462 hasRelatedWork W2026901334 @default.
• W4386688462 hasRelatedWork W2081035100 @default.
• W4386688462 hasRelatedWork W2108595774 @default.
• W4386688462 hasRelatedWork W2278173804 @default.
• W4386688462 hasRelatedWork W2372799935 @default.
• W4386688462 hasRelatedWork W2387713776 @default.
• W4386688462 hasRelatedWork W3202376248 @default.
• W4386688462 hasRelatedWork W3206324740 @default.
• W4386688462 hasRelatedWork W4226151304 @default.
• W4386688462 hasRelatedWork W4221142711 @default.
• W4386688462 hasVolume "28" @default.
• W4386688462 isParatext "false" @default.
• W4386688462 isRetracted "false" @default.
• W4386688462 workType "article" @default.