Abstract
Alert fatigue is a common issue faced by software teams using the DevSecOps paradigm. The overwhelming number of warnings and alerts generated by security and code scanning tools, particularly in smaller teams where resources are limited, leads to desensitization and diminished responsiveness to security warnings, potentially exposing systems to vulnerabilities. This paper explores the potential of LLMs in generating actionable security reports that emphasize the financial impact and consequences of detected security issues, such as credential leaks, if they remain unaddressed. A survey conducted among developers indicates that LLM-generated reports significantly enhance the likelihood of immediate action on security issues by providing clear, comprehensive, and motivating insights. Integrating these reports into DevSecOps workflows can mitigate attention saturation and alert fatigue, ensuring that critical security warnings are addressed effectively.
Abstract (translated)
警示疲劳是使用DevSecOps范式软件团队普遍面临的问题。特别是对于资源有限的小型团队,安全性和代码扫描工具生成的警告和警报数量过多,导致对安全警告的麻木和反应减弱,可能使系统暴露于漏洞。本文探讨了LLM在生成关注度高的安全报告以强调检测到的安全问题的财务影响和后果方面的潜力。对开发人员的调查表明,LLM生成的报告显著增强了立即采取行动的可能性,通过提供清晰、全面和有激励性的见解。将这些报告纳入DevSecOps工作流程中可以减轻注意力的饱和,确保对关键安全警告的有效处理。
URL
https://arxiv.org/abs/2410.01899
