Summary, Implications, and Recommendations
摘要
The application of Graph Neural Networks (GNNs) to retrospective security alert analysis clearly demonstrates value and feasibility for improving AppSec workflows. By transforming historical dismissed alert data through spanning static code scans, dynamic scanning, and secret-scanning results into a rich graph of interconnected entities (alerts, code components, user behaviors, systems, and outcomes), the GNN model was able to achieve an impressive 90.1% precision, 84.7% recall, and an 87.3% F1-score on an alert dataset that wes over 10,000 JSON objects. This resulted in uncovering 127 previously missed threats with only 14 false positives, substantially decreasing alert fatigue while recovering genuine vulnerabilities.