Use of GNN to automate SSDLC Alert Dismissal by Devjyoti Raha (.ePUB)+
File Size: 21.5 MB
Use of GNN to automate SSDLC Alert Dismissal Review Process: Study on the Usage & Efficacy of Novel Deep Learning Techniques in Appsec by Devjyoti Raha
Requirements: .ePUB, .PDF reader, 21.5 MB | True PDF, True EPUB
Overview: The work grew out of a very practical problem: the AppSec team was drowning in security scanning alerts but still occasionally missed real issues that had been dismissed as false positives. Wanted to present a way not just to tune individual tools, but to look across CodeQL, OWASP ZAP, GHAS secret scanning, and other scanners and understand where the triage process itself was failing. That led to the idea of treating the entire alert history as a graph, where alerts, code files, services, dependencies, users, and incidents are all connected nodes linked by data flows, temporal relationships, and shared context. From there, the team designed a JSON schema to normalize alerts from different tools, built a heterogeneous graph on top of that data, and implemented a graph neural network to learn patterns that distinguish correctly closed alerts from those that later turned out to be genuine issues. There are typically 3 standard Deep Learning models: CNN (Convolution Neural Network), DNN (Deep Neural Network) and GNN (Graph+CNN). Each of the models have their advantages and disadvantages, with our primary datasets mostly would be JSON based. Existing appsec tool controls such as SAST/DAST/Secret managements/SCA/IAST performs their analysis and produces results in JSON format in majority of the scenarios. Mitigation approach usually comprises of manual or semi manual which as discussed above can have the possibility of missing of a flaw being fixed and hence a chance to being exploited in real life and caused damages to related stakeholders and seriously harm credibility of the enterprise.
Genre: Non-Fiction > Tech & Devices
Free Download links: