Identifying, Prioritizing and Evaluating Vulnerabilities in Third Party Code

Forskningsoutput: Kapitel i bok/rapport/Conference proceedingKonferenspaper i proceeding

Abstract

We demonstrate a tool for identifying, prioritizing and evaluating vulnerabilities in software. The tool aims to improve security in products by making maintenance more efficient and robust. Software components and release versions are matched with vulnerability information from open resources. The results are visualized on several different levels, ranging from product portfolio and individual products, to specific releases and vulnerabilities. The tool keeps track of how security evolves over time in deployed releases, and also how the maintenance organization progresses in evaluating new vulnerabilities. This will result in more efficient, accurate, and robust security analysis and awareness within the organization, and the anticipated long term effect is more secure products.

Detaljer

Författare
Enheter & grupper
Externa organisationer
  • debricked AB
Forskningsområden

Ämnesklassifikation (UKÄ) – OBLIGATORISK

  • Datorsystem
Originalspråkengelska
Titel på värdpublikationIEEE 22nd International Enterprise Distributed Object Computing Workshop
FörlagIEEE--Institute of Electrical and Electronics Engineers Inc.
Antal sidor4
StatusAccepted/In press - 2018
PublikationskategoriForskning
Peer review utfördJa

Related projects

Martin Hell

2016/05/102018/11/15

Projekt: Forskning

Visa alla (1)