Automated Repair of Static Analysis Alerts

Update: 2024-05-31

Description

Developers know that static analysis helps make code more secure. However, static analysis tools often produce a large number of false positives, hindering their usefulness. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Svoboda, a software security engineer in the SEI’s CERT Division, discusses Redemption, a new open source tool from the SEI that automatically repairs common errors in C/C++ code generated from static analysis alerts, making code safer and static analysis less overwhelming.

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

Securing Docker Containers: Techniques, Challenges, and Tools

2024-12-1639:09

An Introduction to Software Cost Estimation

2024-12-0422:55

Cybersecurity Metrics: Protecting Data and Understanding Threats

2024-10-1127:00

3 Key Elements for Designing Secure Systems

2024-10-0236:28

Using Role-Playing Scenarios to Identify Bias in LLMs

2024-09-1645:07

Best Practices and Lessons Learned in Standing Up an AISIRT

2024-09-0938:29

3 API Security Risks (and How to Protect Against Them)

2024-08-2219:28

Evaluating Large Language Models for Cybersecurity Tasks: Challenges and Best Practices

2024-07-2543:05

Capability-based Planning for Early-Stage Software Development

2024-07-1833:55

Safeguarding Against Recent Vulnerabilities Related to Rust

2024-07-0126:25

Developing a Global Network of Computer Security Incident Response Teams (CSIRTs)

2024-06-2130:51

Automated Repair of Static Analysis Alerts

2024-05-3127:05

Cyber Career Pathways and Opportunities

2024-05-2831:23

My Story in Computing with Sam Procter

2024-04-2437:15

Developing and Using a Software Bill of Materials Framework

2024-04-0437:37

The Importance of Diversity in Cybersecurity: Carol Ware

2024-03-2126:37

The Importance of Diversity in Software Engineering: Suzanne Miller

2024-03-2129:02

The Importance of Diversity in Artificial Intelligence: Violet Turri

2024-03-1516:57

Using Large Language Models in the National Security Realm

2024-02-1634:45

Atypical Applications of Agile and DevSecOps Principles

2024-02-0933:41

00:00

Automated Repair of Static Analysis Alerts

#box-pro-ellipsis-173650133906727{-webkit-line-clamp:2;}Automated Repair of Static Analysis Alerts

Automated Repair of Static Analysis Alerts

David Svoboda

Automated Repair of Static Analysis Alerts