Use of GNN to automate SSDLC Alert Dismissal Review Process: Study on the Usage & Efficacy of Novel Deep Learning Techniques in Appsec
Author:   Devjyoti Raha
Publisher:   Springer Fachmedien Wiesbaden
ISBN:  

9783658514952


Pages:   100
Publication Date:   20 May 2026
Format:   Paperback
Availability:   Not yet available   Availability explained
This item is yet to be released. You can pre-order this item and we will dispatch it to you upon its release.

Our Price $263.97 Quantity:  
Pre-Order

Share |

Use of GNN to automate SSDLC Alert Dismissal Review Process: Study on the Usage & Efficacy of Novel Deep Learning Techniques in Appsec


Overview

The work grew out of a very practical problem: the AppSec team was drowning in security scanning alerts but still occasionally missed real issues that had been dismissed as false positives. Wanted to present a way not just to tune individual tools, but to look across CodeQL, OWASP ZAP, GHAS secret scanning, and other scanners and understand where the triage process itself was failing. That led to the idea of treating the entire alert history as a graph, where alerts, code files, services, dependencies, users, and incidents are all connected nodes linked by data flows, temporal relationships, and shared context. From there, the team designed a JSON schema to normalize alerts from different tools, built a heterogeneous graph on top of that data, and implemented a graph neural network to learn patterns that distinguish correctly closed alerts from those that later turned out to be genuine issues. It all started with synthetic and pilot datasets to prove feasibility, wiring up a small GCN/GAT-based model that could ingest these graphs and output a “retriage probability” for each closed alert, then iterated on node features and relationships until the model consistently identified historically missed alerts with high precision. Alongside the model, continued developing scripts and pipelines to generate training data, evaluate confusion matrices, and visualize results so that AppSec engineers could see not just scores but concrete examples of alerts being flagged for a second look. As results stabilized—showing strong precision and recall on retrospective tests—the focus shifted to integration: embedding this GNN step into CI/CD and SIEM workflows so that closed alerts could be continuously re-scored, and high‑risk ones automatically routed back to the security team for triage, with analyst feedback feeding into the next training cycle.

Full Product Details

Author:   Devjyoti Raha
Publisher:   Springer Fachmedien Wiesbaden
Imprint:   Springer Vieweg
ISBN:  

9783658514952


ISBN 10:   3658514957
Pages:   100
Publication Date:   20 May 2026
Audience:   Professional and scholarly ,  Professional & Vocational
Format:   Paperback
Publisher's Status:   Forthcoming
Availability:   Not yet available   Availability explained
This item is yet to be released. You can pre-order this item and we will dispatch it to you upon its release.

Table of Contents

Reviews

Author Information

Devjyoti Raha is working as an application architect with a strong enthusiasm in promoting automation leveraging AI.

Tab Content 6

Author Website:  

Countries Available

All regions
Latest Reading Guide

MRGC26

 

Shopping Cart
Your cart is empty
 Shopping cart
Mailing List

 

Sign up now