Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date


Prioritizing Alerts from Static Analysis with Classification Models

  • November 2016
  • By Lori Flynn
  • In this presentation, Lori Flynn describes work toward an automated and accurate statistical classifier, intended to efficiently use analyst effort and to remove code flaws.
  • Secure Coding
  • Publisher: Software Engineering Institute
  • Abstract

    The project created alert classification models using features derived from multiple static analysis tools, code base metrics, and archived audit determinations. The results are accurate predictors of alert validity, intended for use in automatic prioritization of alerts from static analysis tools that minimizes the number of alerts needing human assessment.

  • Download