Key features in new release of SCAIFE System Version 2.0.0 including support for continuous-integration (CI) systems, and status of evolving SEI SCAIFE work

Read More

October 25, 2021 • By Lori Flynn

In Secure Development

The SEI Source Code Analysis Integrated Framework Environment (SCAIFE) is a modular architecture designed to enable a wide variety of tools, systems, and users to use artificial intelligence (AI) classifiers …

Read More

December 14, 2020 • By Lori Flynn

This blog post describes a new repository of labeled data that CERT is making publicly available for many code-flaw conditions. Researchers can use this dataset along with the associated code …

Read More

November 2, 2020 • By Lori Flynn

In Secure Development

Learn how the SEI's SCAIFE API helps classify and prioritize static analysis alerts, reduce manual effort, and improve accuracy in identifying code flaws.

Read More

September 14, 2020 • By Lori Flynn

In this post, we describe the Source Code Analysis Integrated Framework Environment (SCAIFE) application programming interface (API). SCAIFE is an architecture for classifying and prioritizing static analysis alerts.

Read More

July 21, 2019 • By Lori Flynn, Ebonie McNeil

In Secure Development

Static analysis tools analyze code without executing it, to identify potential flaws in source code. These tools produce a large number of alerts with high false-positive rates that an engineer …

Read More

December 16, 2018 • By Lori Flynn, Ebonie McNeil

In Secure Development

Experience shows that most software contains code flaws that can lead to vulnerabilities. Static analysis tools used to identify potential vulnerabilities in source code produce....

Read More

September 23, 2018 • By Lori Flynn

In Secure Development