Developers Need More Usable Static Code Scanners to Head Off Security Bugs

Static application security testing (SAST) tools have a variety of usability issues that make them less accessible to developers, researchers say. Tools failed to provide obvious actions to manage the results of a scan or to fix vulnerabilities, they say. The research was presented at the USENIX Symposium on Usable Privacy and Security on August 11. The paper describes a heuristic walkthrough approach to analyzing the software as well as a survey of users. The researchers focused on four tools: three open source SAST tools and one commercial tool.”]

Source: https://www.darkreading.com/application-security/developers-need-more-usable-static-code-scanners-to-head-off-security-bugs

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Launching AnonLeaks, Ready To Dump More HBGary E-mails!

RSA: Geolocation shows just how dead privacy is

Selling technology to cops, part 2

Categories

Partners

Just add here your partners image or promo text