Publication result detail

Systematic Evaluation of Static Application Security Testing Tools

HAVELKOVÁ, S.; LAZAROV, W.

Original title

Systematic Evaluation of Static Application Security Testing Tools

Type

Conference proceedings paper not indexed in WoS or Scopus

Original abstract

The ever-expanding landscape of software development brings with it an increasing number of security flaws present in application source code. Detecting these weaknesses early in the development lifecycle is critical to preventing their exploitation in production. However, relying solely on human-driven code inspection is not scalable for modern, complex codebases. Static Application Security Testing (SAST) offers a promising alternative by automating the identification of common vulnerability patterns directly within source code. This paper presents a comparative evaluation of selected SAST tools, assessed against criteria such as detection accuracy, coverage, and false positive rate. The evaluation is conducted using a Python application intentionally embedded with known vulnerabilities. The results highlight the strengths and shortcomings of individual SAST tools and provide practical insights into their effectiveness in software security testing.

Keywords

SAST; SDLC; software vulnerabilities; static analysis; security testing

Authors

HAVELKOVÁ, S.; LAZAROV, W.

Published

28.04.2026

Publisher

Brno University of Technology, Faculty of Electrical Engineering and Communication

Place

Brno

ISBN

978-80-214-6417-0

Book

Proceedings I of the 32nd STUDENT EEICT 2026

Pages from

457

Pages to

460

Number of pages

4

URL

https://www.eeict.cz/eeict_download/archiv/sborniky/EEICT_2026_sbornik_1.pdf

BibTeX

@inproceedings{BUT211705,
  author="Simona {Havelková} and Willi {Lazarov}",
  title="Systematic Evaluation of Static Application Security Testing Tools",
  booktitle="Proceedings I of the 32nd STUDENT EEICT 2026",
  year="2026",
  pages="457--460",
  publisher="Brno University of Technology, Faculty of Electrical Engineering and Communication",
  address="Brno",
  isbn="978-80-214-6417-0",
  url="https://www.eeict.cz/eeict_download/archiv/sborniky/EEICT_2026_sbornik_1.pdf"
}