O'Reilly logo

The Art and Science of Analyzing Software Data by Thomas Zimmermann, Tim Menzies, Christian Bird

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8

Analyzing Security Data

Andrew Meneely*    * Department of Software Engineering, Rochester Institute of Technology, Rochester, NY, USA

Abstract

Security is a challenging and strange property of software. Security is not about understanding how a customer might use the system; security is about ensuring that an attacker cannot abuse the system. Instead of defining what the system should do, security is about ensuring that system does not do something malicious. As a result, applying traditional software analytics to security leads to some unique challenges and caveats. In this chapter, we will discuss four “gotchas” of analyzing security data, along with vulnerabilities and severity scoring. We will describe a method commonly-used ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required