2 matches found
Longitudinal Analyses of SAST Tools: A CodeQL Case Study
Open-source software OSS pipelines rely on automated static analysis tools to prevent the introduction of vulnerabilities in code. However, there is limited understanding of the efficacy of these tools across the OSS ecosystem over time. In this paper, we introduce a novel method to evaluate stat...
Visualizing Spectre/Meltdown Impact and Remediation Progress
In order to determine the impact of Spectre/Meltdown and track remediation progress across your entire environment, it is important to visualize vulnerability detections in a dynamic dashboard. For more information on Spectre and Meltdown, please see our previous blog. Using Qualys AssetView, we...