This study investigates static code analysis for security audit in an industrial, agile setting. The case studied is Telenor Digital, located in Norway. The study aims to understand the challenges of implementing a static code analysis tool from the agile developers' perspective. The study evaluated static code analysis tools on a benchmark security test suite (the NIST Juliet Test Suite) in order to make an informed decision by comparing the tools on the basis of their true positive rate and discrimination rate. Lastly, a post-evaluation of the static analysis tool implemented at Telenor was performed. The results of this work shed more light on the challenges of implementing a static code analysis tool for security audit in...
Taint analysis is a technique that uses static code analysis to detect potential...
Static code analysis comprises techniques which statically examine a piece of computer program code ...
Many teams at CERN develop their own software to solve their tasks. This software may be...
This study investigates static code analysis for security audit in an industrial, agile setting...
It is claimed that integrating agile and security in practice is challenging. There is the notion th...
This thesis presents the results of an evaluation of source code analyzers. Such tools constitute an...
In this thesis we examined the approach of static analysis of program code for finding security holes...
Software vulnerabilities are added into programs during their development. Architectural flaws are int...
Technological developments are increasing day by day and software products are growing in an uncontr...
Developing and delivering secure software is a challenging task that gets even harder when the deve...
Software vulnerabilities are added into programs during their development. Architectural flaws are i...
Traditionally, static code analysis tools alert developers on possible defects in the code. In recen...
This thesis addresses several aspects of using static code analysis tools for detection of security ...
In this thesis we described and compared tools for static code analysis. Good analysis of written ...
This paper describes the application of static analysis to a simple commercial project. First, ...