
Evaluating Bug Detection Tools: Insights from Software Security Benchmarks

In the evolving landscape of software security, benchmarks serve as a crucial measure for comparing bug detection tools. They should focus on three key attributes: relevance to end-user concerns (like easily interpreted results, performance, and accuracy), scenarios reflective of real-world situations (exemplified by TPC benchmarks), and utilization of known bugs, possibly from open source projects. This approach aims to provide an objective evaluation and understanding of the effectiveness of various security tools in today's software infrastructure.



Presentation Transcript


  1. Barmak Meftah, VP, Engineering, Fortify Software. Software Security at the Source

  2. Why Benchmarks?
     • A good and hopefully objective gauge for comparing bug detection tools or, for that matter, any piece of infrastructure software
     • Should have 3 attributes:
       • Measure what end-users care about (results that can be easily consumed, performance, and accuracy of output)
       • Scenarios that users care about and that are close to real-life situations (TPC benchmarks are a great example)
       • Start with known bugs (maybe open source projects)
