{"id":"https://openalex.org/W7118662180","doi":"https://doi.org/10.1007/s10207-025-01187-w","title":"A large scale analysis of code security in public repositories","display_name":"A large scale analysis of code security in public repositories","publication_year":2026,"publication_date":"2026-01-06","ids":{"openalex":"https://openalex.org/W7118662180","doi":"https://doi.org/10.1007/s10207-025-01187-w"},"language":"en","primary_location":{"id":"doi:10.1007/s10207-025-01187-w","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-025-01187-w","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-01187-w.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-01187-w.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005899068","display_name":"Ciprian Opri\u015fa","orcid":"https://orcid.org/0000-0001-9892-1470"},"institutions":[{"id":"https://openalex.org/I158333966","display_name":"Technical University of Cluj-Napoca","ror":"https://ror.org/03r8nwp71","country_code":"RO","type":"education","lineage":["https://openalex.org/I158333966"]}],"countries":["RO"],"is_corresponding":true,"raw_author_name":"Ciprian Opri\u015fa","raw_affiliation_strings":["Bitdefender, Cluj-Napoca, Romania","Computer Science Department, Technical University of Cluj-Napoca, Cluj-Napoca, Romania"],"affiliations":[{"raw_affiliation_string":"Bitdefender, Cluj-Napoca, Romania","institution_ids":[]},{"raw_affiliation_string":"Computer Science Department, Technical University of Cluj-Napoca, Cluj-Napoca, Romania","institution_ids":["https://openalex.org/I158333966"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5122004250","display_name":"Dominic Octavian Grigoru\u0163","orcid":null},"institutions":[{"id":"https://openalex.org/I158333966","display_name":"Technical University of Cluj-Napoca","ror":"https://ror.org/03r8nwp71","country_code":"RO","type":"education","lineage":["https://openalex.org/I158333966"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Dominic Octavian Grigoru\u0163","raw_affiliation_strings":["Computer Science Department, Technical University of Cluj-Napoca, Cluj-Napoca, Romania"],"affiliations":[{"raw_affiliation_string":"Computer Science Department, Technical University of Cluj-Napoca, Cluj-Napoca, Romania","institution_ids":["https://openalex.org/I158333966"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014613493","display_name":"Haralambos Mouratidis","orcid":"https://orcid.org/0000-0002-2599-0712"},"institutions":[{"id":"https://openalex.org/I110002522","display_name":"University of Essex","ror":"https://ror.org/02nkf1q06","country_code":"GB","type":"education","lineage":["https://openalex.org/I110002522"]},{"id":"https://openalex.org/I4210150367","display_name":"BH Consulting (Ireland)","ror":"https://ror.org/04sbmz064","country_code":"IE","type":"company","lineage":["https://openalex.org/I4210150367"]}],"countries":["GB","IE"],"is_corresponding":false,"raw_author_name":"Haralambos Mouratidis","raw_affiliation_strings":["Institute for Analytics and Data Science (IADS), University of Essex, Colchester, UK","Security Labs Consulting (SLC), Dublin, Ireland"],"affiliations":[{"raw_affiliation_string":"Institute for Analytics and Data Science (IADS), University of Essex, Colchester, UK","institution_ids":["https://openalex.org/I110002522"]},{"raw_affiliation_string":"Security Labs Consulting (SLC), Dublin, Ireland","institution_ids":["https://openalex.org/I4210150367"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049156258","display_name":"Eftychia Lakka","orcid":"https://orcid.org/0000-0002-0512-6150"},"institutions":[{"id":"https://openalex.org/I8901234","display_name":"Foundation for Research and Technology Hellas","ror":"https://ror.org/052rphn09","country_code":"GR","type":"facility","lineage":["https://openalex.org/I8901234"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Eftychia Lakka","raw_affiliation_strings":["Institute of Computer Science Foundation for Research and Technology - Hellas, Heraklion, Greece"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science Foundation for Research and Technology - Hellas, Heraklion, Greece","institution_ids":["https://openalex.org/I8901234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022957018","display_name":"Ourania Manta","orcid":"https://orcid.org/0000-0003-2071-1144"},"institutions":[{"id":"https://openalex.org/I4210105896","display_name":"Cyprus Research and Innovation Center (Cyprus)","ror":"https://ror.org/01ha10g31","country_code":"CY","type":"company","lineage":["https://openalex.org/I4210105896"]}],"countries":["CY"],"is_corresponding":false,"raw_author_name":"Ourania Manta","raw_affiliation_strings":["CyberAlytics Limited, Nicosia, Cyprus"],"affiliations":[{"raw_affiliation_string":"CyberAlytics Limited, Nicosia, Cyprus","institution_ids":["https://openalex.org/I4210105896"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5122010412","display_name":"Angelos Mavrias","orcid":null},"institutions":[{"id":"https://openalex.org/I4210105896","display_name":"Cyprus Research and Innovation Center (Cyprus)","ror":"https://ror.org/01ha10g31","country_code":"CY","type":"company","lineage":["https://openalex.org/I4210105896"]}],"countries":["CY"],"is_corresponding":false,"raw_author_name":"Angelos Mavrias","raw_affiliation_strings":["CyberAlytics Limited, Nicosia, Cyprus"],"affiliations":[{"raw_affiliation_string":"CyberAlytics Limited, Nicosia, Cyprus","institution_ids":["https://openalex.org/I4210105896"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043442965","display_name":"Marinos Tsantekidis","orcid":"https://orcid.org/0000-0001-6710-5972"},"institutions":[{"id":"https://openalex.org/I94509681","display_name":"Technische Universit\u00e4t Braunschweig","ror":"https://ror.org/010nsgg66","country_code":"DE","type":"education","lineage":["https://openalex.org/I94509681"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Marinos Tsantekidis","raw_affiliation_strings":["AEGIS IT Research GmbH, Braunschweig, Germany"],"affiliations":[{"raw_affiliation_string":"AEGIS IT Research GmbH, Braunschweig, Germany","institution_ids":["https://openalex.org/I94509681"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5121999872","display_name":"Nikolas Filippatos","orcid":null},"institutions":[{"id":"https://openalex.org/I174878644","display_name":"University of Patras","ror":"https://ror.org/017wvtq80","country_code":"GR","type":"education","lineage":["https://openalex.org/I174878644"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Nikolas Filippatos","raw_affiliation_strings":["University of Patras, Patras, Greece"],"affiliations":[{"raw_affiliation_string":"University of Patras, Patras, Greece","institution_ids":["https://openalex.org/I174878644"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093759886","display_name":"George Daniil","orcid":"https://orcid.org/0009-0005-4164-9265"},"institutions":[{"id":"https://openalex.org/I174878644","display_name":"University of Patras","ror":"https://ror.org/017wvtq80","country_code":"GR","type":"education","lineage":["https://openalex.org/I174878644"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"George Daniil","raw_affiliation_strings":["University of Patras, Patras, Greece"],"affiliations":[{"raw_affiliation_string":"University of Patras, Patras, Greece","institution_ids":["https://openalex.org/I174878644"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014630156","display_name":"Alexandru Gal","orcid":"https://orcid.org/0000-0001-6787-8238"},"institutions":[{"id":"https://openalex.org/I4210088507","display_name":"Romanian Society of Nephrology","ror":"https://ror.org/003tbyf39","country_code":"RO","type":"other","lineage":["https://openalex.org/I4210088507"]},{"id":"https://openalex.org/I4210126371","display_name":"Institute of Solid Mechanics","ror":"https://ror.org/0307mca49","country_code":"RO","type":"facility","lineage":["https://openalex.org/I4210126371"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Ionel-Alexandru Gal","raw_affiliation_strings":["Institute of Solid Mechanics of the Romanian Academy, Bucharest, Romania","Ringhel Team SRL, Bucharest, Romania"],"affiliations":[{"raw_affiliation_string":"Institute of Solid Mechanics of the Romanian Academy, Bucharest, Romania","institution_ids":["https://openalex.org/I4210126371"]},{"raw_affiliation_string":"Ringhel Team SRL, Bucharest, Romania","institution_ids":["https://openalex.org/I4210088507"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038633998","display_name":"Drago\u015f Teodor Gavrilu\u0163","orcid":"https://orcid.org/0009-0004-3339-9625"},"institutions":[{"id":"https://openalex.org/I138164181","display_name":"Alexandru Ioan Cuza University","ror":"https://ror.org/022kvet57","country_code":"RO","type":"education","lineage":["https://openalex.org/I138164181"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Drago\u015f Gavrilu\u0163","raw_affiliation_strings":["Bitdefender, Cluj-Napoca, Romania","Faculty of Computer Science, Al. I. Cuza University, la\u015fi, Romania"],"affiliations":[{"raw_affiliation_string":"Bitdefender, Cluj-Napoca, Romania","institution_ids":[]},{"raw_affiliation_string":"Faculty of Computer Science, Al. I. Cuza University, la\u015fi, Romania","institution_ids":["https://openalex.org/I138164181"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5122011020","display_name":"Christos Kargatzis","orcid":null},"institutions":[{"id":"https://openalex.org/I94509681","display_name":"Technische Universit\u00e4t Braunschweig","ror":"https://ror.org/010nsgg66","country_code":"DE","type":"education","lineage":["https://openalex.org/I94509681"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christos Kargatzis","raw_affiliation_strings":["AEGIS IT Research GmbH, Braunschweig, Germany"],"affiliations":[{"raw_affiliation_string":"AEGIS IT Research GmbH, Braunschweig, Germany","institution_ids":["https://openalex.org/I94509681"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109897169","display_name":"Sotiris Ioannidis","orcid":"https://orcid.org/0009-0002-0682-0475"},"institutions":[{"id":"https://openalex.org/I55741626","display_name":"Technical University of Crete","ror":"https://ror.org/03f8bz564","country_code":"GR","type":"education","lineage":["https://openalex.org/I55741626"]},{"id":"https://openalex.org/I8901234","display_name":"Foundation for Research and Technology Hellas","ror":"https://ror.org/052rphn09","country_code":"GR","type":"facility","lineage":["https://openalex.org/I8901234"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Sotiris Ioannidis","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece","Institute of Computer Science Foundation for Research and Technology - Hellas, Heraklion, Greece"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece","institution_ids":["https://openalex.org/I55741626"]},{"raw_affiliation_string":"Institute of Computer Science Foundation for Research and Technology - Hellas, Heraklion, Greece","institution_ids":["https://openalex.org/I8901234"]}]}],"institutions":[],"countries_distinct_count":6,"institutions_distinct_count":13,"corresponding_author_ids":["https://openalex.org/A5005899068"],"corresponding_institution_ids":["https://openalex.org/I158333966"],"apc_list":{"value":2590,"currency":"EUR","value_usd":3190},"apc_paid":{"value":2590,"currency":"EUR","value_usd":3190},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.03018234,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"25","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.3395000100135803,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.3395000100135803,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.28690001368522644,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.1306000053882599,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.7232999801635742},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.707099974155426},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.7038000226020813},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.5774999856948853},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.5652999877929688},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5364999771118164},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.5213000178337097},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.451200008392334},{"id":"https://openalex.org/keywords/scale","display_name":"Scale (ratio)","score":0.4388999938964844},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4352000057697296}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8179000020027161},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.7232999801635742},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.707099974155426},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.7038000226020813},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6628999710083008},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.5774999856948853},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.5652999877929688},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5533999800682068},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5364999771118164},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.5213000178337097},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.451200008392334},{"id":"https://openalex.org/C2778755073","wikidata":"https://www.wikidata.org/wiki/Q10858537","display_name":"Scale (ratio)","level":2,"score":0.4388999938964844},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4352000057697296},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.38760000467300415},{"id":"https://openalex.org/C63406617","wikidata":"https://www.wikidata.org/wiki/Q5266714","display_name":"Development testing","level":5,"score":0.36489999294281006},{"id":"https://openalex.org/C140006998","wikidata":"https://www.wikidata.org/wiki/Q2499307","display_name":"Dynamic program analysis","level":3,"score":0.35440000891685486},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.3357999920845032},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.33329999446868896},{"id":"https://openalex.org/C98183937","wikidata":"https://www.wikidata.org/wiki/Q2112188","display_name":"Program analysis","level":2,"score":0.3319999873638153},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.3240000009536743},{"id":"https://openalex.org/C123551368","wikidata":"https://www.wikidata.org/wiki/Q7122888","display_name":"Package development process","level":5,"score":0.3203999996185303},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.31450000405311584},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.30550000071525574},{"id":"https://openalex.org/C199519371","wikidata":"https://www.wikidata.org/wiki/Q942695","display_name":"Source lines of code","level":3,"score":0.30469998717308044},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.30300000309944153},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.2985999882221222},{"id":"https://openalex.org/C76518257","wikidata":"https://www.wikidata.org/wiki/Q271680","display_name":"Software framework","level":5,"score":0.2935999929904938},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.2883000075817108},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.2831000089645386},{"id":"https://openalex.org/C117447612","wikidata":"https://www.wikidata.org/wiki/Q1412670","display_name":"Software quality","level":4,"score":0.2824000120162964},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.27900001406669617},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.2770000100135803},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.27410000562667847},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.27399998903274536},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.2736999988555908},{"id":"https://openalex.org/C21491501","wikidata":"https://www.wikidata.org/wiki/Q430253","display_name":"Backporting","level":5,"score":0.2655999958515167},{"id":"https://openalex.org/C133237599","wikidata":"https://www.wikidata.org/wiki/Q2295111","display_name":"Code smell","level":5,"score":0.2606000006198883},{"id":"https://openalex.org/C99613125","wikidata":"https://www.wikidata.org/wiki/Q165194","display_name":"Application programming interface","level":2,"score":0.2587999999523163},{"id":"https://openalex.org/C101317890","wikidata":"https://www.wikidata.org/wiki/Q940053","display_name":"Software maintenance","level":4,"score":0.25839999318122864},{"id":"https://openalex.org/C121957198","wikidata":"https://www.wikidata.org/wiki/Q14365593","display_name":"KPI-driven code analysis","level":5,"score":0.25060001015663147}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/s10207-025-01187-w","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-025-01187-w","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-01187-w.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1007/s10207-025-01187-w","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-025-01187-w","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-01187-w.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7118662180.pdf"},"referenced_works_count":27,"referenced_works":["https://openalex.org/W2404313524","https://openalex.org/W2763622888","https://openalex.org/W2766411424","https://openalex.org/W2947593054","https://openalex.org/W2960678361","https://openalex.org/W2970809537","https://openalex.org/W2994839422","https://openalex.org/W2997258927","https://openalex.org/W2999378142","https://openalex.org/W3043576244","https://openalex.org/W3093700956","https://openalex.org/W4211168459","https://openalex.org/W4214485088","https://openalex.org/W4225843175","https://openalex.org/W4226437737","https://openalex.org/W4312223840","https://openalex.org/W4386694333","https://openalex.org/W4389365900","https://openalex.org/W4394769342","https://openalex.org/W4400577095","https://openalex.org/W4400976823","https://openalex.org/W4401556459","https://openalex.org/W4402338429","https://openalex.org/W4403646757","https://openalex.org/W4403915041","https://openalex.org/W4409113905","https://openalex.org/W6949638154"],"related_works":[],"abstract_inverted_index":{"Cybersecurity":[0],"is":[1],"a":[2,71,97,125,165,185,233],"growing":[3],"concern":[4],"for":[5,33,65,120,187],"the":[6,23,91,109,118,129,189,202,209,219,229,243],"software":[7,15,34,130,135,225,244],"development":[8,16,35,131,245],"sector,":[9],"as":[10,124,232],"insecure":[11,14],"code":[12,52,87,122],"and":[13,43,50,58,78,198,227,238],"practices":[17],"lead":[18],"to":[19,30,163,179,207,235],"dangerous":[20],"vulnerabilities":[21,81,156],"in":[22,96,128,158,168,223],"released":[24],"products.":[25],"We":[26],"propose":[27],"CONSOLE,":[28],"designed":[29],"boost":[31],"cybersecurity":[32],"with":[36],"an":[37],"automated,":[38],"unified":[39],"platform":[40,93,231],"of":[41,74,80,90,108,146,196],"tools":[42,64],"services.":[44,61],"The":[45,86,155,171,182],"proposed":[46,92],"framework":[47],"integrates":[48],"static":[49],"dynamic":[51],"analysis":[53,88,100,174],"tools,":[54],"real-time":[55],"protection":[56],"mechanisms,":[57],"adaptive":[59],"training":[60],"Multiple":[62],"open-source":[63],"Static":[66],"Application":[67],"Security":[68],"Testing":[69],"offer":[70],"wide":[72],"coverage":[73],"supported":[75],"programming":[76],"languages":[77],"types":[79,195],"that":[82],"can":[83,176],"be":[84,177,205],"detected.":[85],"features":[89],"were":[94],"used":[95,178],"large":[98,172],"scale":[99,173],"on":[101,193,218],"10,855":[102],"public":[103],"repositories.":[104],"More":[105],"than":[106],"60%":[107],"analyzed":[110],"repositories":[111],"contained":[112],"verified":[113],"security":[114,153,220],"issues,":[115],"which":[116],"highlights":[117],"need":[119],"automatic":[121],"evaluation":[123],"standard":[126],"practice":[127],"pipeline.":[132],"While":[133],"popular":[134,159],"projects":[136,160,226],"are":[137,149,161],"usually":[138],"more":[139],"secure,":[140],"having":[141],"less":[142],"defects":[143,221,241],"per":[144],"Megabyte":[145],"code,":[147],"they":[148],"not":[150],"shielded":[151],"from":[152],"issues.":[154],"present":[157],"likely":[162],"have":[164],"greater":[166],"impact":[167],"production":[169],"environments.":[170],"results":[175],"improve":[180],"CONSOLE.":[181],"paper":[183,215],"proposes":[184,228],"strategy":[186],"mitigating":[188],"False":[190],"Positives,":[191],"focusing":[192],"prevalent":[194],"alerts":[197],"prioritizing":[199],"them":[200],"so":[201],"developers":[203],"will":[204],"able":[206],"examine":[208],"most":[210],"serious":[211],"issues":[212],"first.":[213],"This":[214],"brings":[216],"awareness":[217],"found":[222],"common":[224],"CONSOLE":[230],"solution":[234],"automatically":[236],"detect":[237],"correct":[239],"these":[240],"during":[242],"lifecycle.":[246]},"counts_by_year":[],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2026-01-08T00:00:00"}