Semgrep*: Improving the limited performance of static application security testing (SAST) tools

representative citing papers

citing papers explorer

Showing 5 of 5 citing papers.

• Longitudinal Analyses of SAST Tools: A CodeQL Case Study cs.CR · 2026-05-08 · unverdicted · none · ref 9

  CodeQL detected 171 CVEs total, with 83 caught by a prior version before the fix; detections were often actionable within the vulnerable file but not stable across tool versions.

• NESA: Relational Neuro-Symbolic Static Program Analysis cs.PL · 2024-12-18 · conditional · none · ref 41

  NESA presents a neuro-symbolic framework that decomposes static analyses into policy-defined sub-problems solved by parsers and LLMs to enable compilation-free customizable analysis with reduced hallucinations.

• PRISM: Generation-Time Detection and Mitigation of Secret Leakage in Multi-Agent LLM Pipelines cs.AI · 2026-05-11 · unverdicted · none · ref 25

  PRISM detects and stops credential leakage during LLM generation in multi-agent pipelines using per-token risk scores from lexical, structural, and behavioral signals, achieving zero observed leaks and F1 of 0.832 on a 2000-task benchmark.

• Who's Who? LLM-assisted Software Traceability with Architecture Entity Recognition cs.SE · 2025-11-04 · unverdicted · none · ref 24

  LLM approaches ExArch and ArTEMiS reach F1 scores of 0.86 and 0.81 for architecture entity recognition and traceability, matching or approaching baselines that require manual models.

• REALISTA: Realistic Latent Adversarial Attacks that Elicit LLM Hallucinations cs.CL · 2026-05-12 · unreviewed · ref 218