G. Bennett, T. Hall, S. Counsell, E. Winter, and T. Shippey, “Do developers use static application security testing (sast) tools straight out of the box? a large-scale empirical study,” in Proceedings of the 18th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, ser. ESEM ’24, Barcelona, Spain: Association for Computing Machinery, 2024. doi:10.1145/3674805.3690750
G. Bennett, T. Hall, E. Winter, and S. Counsell, “Semgrep*: Improving the limited performance of static application security testing (sast) tools,” in Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering, ser. EASE ’24, Salerno, Italy: Association for Computing Machinery, 2024. doi:10.1145/3661167.3661262
G. Bennett, T. Hall, and D. Bowes, “Some automatically generated patches are more likely to be correct than others: An analysis of defects4j patch features,” in Proceedings of the Third International Workshop on Automated Program Repair, ser. APR ’22, Pittsburgh, Pennsylvania: Association for Computing Machinery, 2022. doi:10.1145/3524459.3527348
