The application of Graph Neural Networks (GNNs) to retrospective security alert analysis clearly demonstrates value and feasibility for improving AppSec workflows. By transforming historical dismissed alert data through spanning static code scans, dynamic scanning, and secret-scanning results into a rich graph of interconnected entities (alerts, code components, user behaviors, systems, and outcomes), the GNN model was able to achieve an impressive 90.1% precision, 84.7% recall, and an 87.3% F1-score on an alert dataset that wes over 10,000 JSON objects. This resulted in uncovering 127 previously missed threats with only 14 false positives, substantially decreasing alert fatigue while recovering genuine vulnerabilities.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Summary, Implications, and Recommendations

  • Devjyoti Raha

摘要

The application of Graph Neural Networks (GNNs) to retrospective security alert analysis clearly demonstrates value and feasibility for improving AppSec workflows. By transforming historical dismissed alert data through spanning static code scans, dynamic scanning, and secret-scanning results into a rich graph of interconnected entities (alerts, code components, user behaviors, systems, and outcomes), the GNN model was able to achieve an impressive 90.1% precision, 84.7% recall, and an 87.3% F1-score on an alert dataset that wes over 10,000 JSON objects. This resulted in uncovering 127 previously missed threats with only 14 false positives, substantially decreasing alert fatigue while recovering genuine vulnerabilities.