Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date


Improve Your Static Analysis Audits Using CERT SCALe’s New Features

  • November 2018
  • By Lori Flynn
  • Learn how to become a research project collaborator for SCALe v3
  • Secure Coding
  • Publisher: Software Engineering Institute
  • Abstract

    In this webcast, Lori Flynn, a CERT senior software security researcher, described the new features in SCALe v3, a research prototype tool. SCALe v2, available on GitHub, offers a subset of features available in SCALe v3.  Over the last three years, as part of alert classification and prioritization research projects she has led, her team has added new features to the (privately released) 2015 version of SCALe (v1) that are  intended to assist with automated static analysis alert classification and advanced alert prioritization. Flynn invites people in other organizations to collaborate with her team, including testing SCALe v3 and providing sanitized audit archives. Collaborators  also might have an opportunity to become involved in developing a version of SCALe that would be usable in production, not just as a research prototype tool.

  • Slides