Abstract:

Identifying vulnerabilities in source code is crucial, especially in critical software components. Existing methods such as static analysis, dynamic analysis, formal verification, and recently Large Language Models are widely used to detect security flaws. This paper introduces CASTLE (CWE Automated...

Key points:

• Research on large language models
• Security application

Source: CASTLE: Benchmarking Dataset for Static Code Analyzers and LLMs towards CWE Detection