Software Engineering Institute (SEI) Podcast Series Podcast
Members of Technical Staff at the Software Engineering Institute
Automated Repair of Static Analysis Alerts - episode of Software Engineering Institute (SEI) Podcast Series podcast

27 minutes Posted May 31, 2024 at 5:29 pm.
Show notes

Developers know that static analysis helps make code more secure. However, static analysis tools often produce a large number of false positives, hindering their usefulness. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Svoboda, a software security engineer in the SEI’s CERT Division, discusses Redemption, a new open source tool from the SEI that automatically repairs common errors in C/C++ code that static analysis alerts identify, making code safer and static analysis less overwhelming.