One of the most significant problems facing application security teams is the amount of time it takes to manage the results returned from automated testing tools. Tests may return thousands of potential vulnerabilities, but most AppSec professionals know that only a small fraction of these are worth the time and effort to remediate. AppSec teams comb through these results and triage them—flagging the ones that should be fixed and weeding out the false positives. This process is extraordinarily time-consuming, repetitive, and tedious—but necessary. Machine learning offers a solution to this problem. This whitepaper discusses the ways that machine learning can be applied to automate the triage process, including solutions already on the market.