search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Improve Your Static Analysis Audits Using CERT SCALe’s New Features

Webcast
By
In this webcast, Lori Flynn, a CERT senior software security researcher, describes the new features in SCALe v3, a research prototype tool.
Publisher

Software Engineering Institute

Subjects

Watch

Abstract

In this webcast, Lori Flynn, a CERT senior software security researcher, describes the new features in SCALe v3, a research prototype tool. SCALe v2, available on GitHub, offers a subset of features available in SCALe v3.  Over the last three years, as part of alert classification and prioritization research projects she has led, her team has added new features to the (privately released) 2015 version of SCALe (v1) that are  intended to assist with automated static analysis alert classification and advanced alert prioritization. Flynn invites people in other organizations to collaborate with her team, including testing SCALe v3 and providing sanitized audit archives. Collaborators  also might have an opportunity to become involved in developing a version of SCALe that would be usable in production, not just as a research prototype tool.

About the Speaker

Lori Flynn

Lori Flynn

Lori Flynn is a Software Security Engineer at CERT, in the Software Engineering Institute of Carnegie Mellon University. Flynn's ongoing work includes the development of new secure coding rules and composable static analysis of apps to check for compliance with data flow rules on Android platforms. Past experience includes network …

Read more
SHARE

Subscribe

On YouTube

Supplemental Materials

Download Transcript
Part of a Collection

SCALe Collection
Ask a question about this Webcast