Papers
Topics
Authors
Recent
Search
2000 character limit reached

Evaluation of Static Analysis Tools for Finding Vulnerabilities in Java and C/C++ Source Code

Published 23 May 2018 in cs.SE | (1805.09040v2)

Abstract: It is quite common for security testing to be delayed until after the software has been developed, but vulnerabilities may get noticed throughout the implementation phase and the earlier they are discovered, the easier and cheaper it will be to fix them. Software development processes such as the secure software development lifecycle incorporates security at every stage of the design and development process. Static code scanning tools find vulnerabilities in code by highlighting potential security flaws and offer examples on how to resolve them, and some may even modify the code to remove the susceptibility. This paper compares static analysis tools for Java and C/C++ source code, and explores their pros and cons.

Citations (31)
View on Semantic Scholar

Summary

No one has generated a summary of this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Sign Up to Summarize

Paper to Video (Beta)

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now

Collections

Sign up for free to add this paper to one or more collections.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up