04cfea51-379e-4d84-91b6-c6bc146fb3b2 beie director@blueeyesintelligence.org 10.35940/ijrte.B7671.0712223 J. G. C. &. L.-P. M. M. ACOSTA, "A LITERATURE REVIEW OF VULNERABILITY MANAGEMENT IN INFORMATION SYSTEMS. COMPUTERS SECURITY," PP. 47-65, 2016.J. &. L. B. Jørgensen, "Software vulnerability remediation with risk‐based prioritization. Journal of Software: Evolution and Process," 2017.A. R. V. a. H. M. M. Vieira, "A survey on software vulnerability detection using machine learning.," vol. 97, pp. 186-198, 2014.G. &. O. A. L. Sindre, "Eliciting security requirements with misuse cases. Requirements Engineering," vol. 16, pp. 31-56, 2011.J. &. H. S. Ruohonen, "The effectiveness of static code analysis: A systematic literature review," vol. 106, pp. 96-115, 2019.G. &. S. Z. Wassermann, "Static analysis for security," pp. 589-619, 2016.S. A. K. A. &. M. M. S. Ali, "A systematic literature review on security testing of web applications," vol. 45, pp. 124-142, 2015.M. P. V. T. R. A. &. S. K. Böhme, "The effectiveness of testing techniques for fault detection: A systematic review and meta-analysis," vol. 52, pp. 1-40, 2019.D. R. a. F. R. W. Kuhn, "Penetration testing: A hands-on introduction to hacking," 2018.M. Bishop, "Computer Security: Art and Science," vol. 1st edition, 2002.W. S. a. K. E. Ehab Al-Shaer, "A survey on vulnerability assessment and penetration testing techniques," vol. 18, pp. 1033-1046, 2016.10.1145/1134285.1134349N. B. T. a. Z. A. Nagappan, "Mining metrics to predict component failures," pp. 452-461, 2006.13.Y. B. a. A. F. G.-S. A. Acosta, "An empirical comparison of automated and manual penetration testing," vol. 63, pp. 122-144.J. C. a. A. Meneely, "The impact of code review coverage and code review participation on software quality: a case study of the qt, vtk, and itk projects," vol. 19, pp. 1024-1060, 2014.D. Spinellis, "Code reviews and static code analysis: the last line of defense against software vulnerabilities," vol. 34, pp. 92-97, 2017.M. A. F. A. a. M. A. A.-S. A. M. A. Rizvi, "Effectiveness of software security testing techniques: a systematic review," vol. 123, pp. 155-176, 2017.J. R. T. a. J. H. Park, "A comparative study of vulnerability detection methods," vol. 30, pp. 1395-1411, 2014.B. C. a. M. O. Dino Juric, "Combining static and dynamic analysis for software security assessment," pp. 50-62, 2015.E. B. J. M. B. d. l. P. a. M. Á. R. L. Martínez, "Towards a new integrated approach for web application security testing," vol. 85, pp. 553-566, 2012.K. M. K. H. a. Y. R. Tari, "An empirical comparison of software vulnerability discovery techniques," vol. 64, pp. 835-847, 2015.Z. T. A. A. a. A. L. A. Abdul-Rahman, "A comparison of static and dynamic analysis for software vulnerability detection," pp. 912-917.W. L. a. T. J. T. Chen, "Systematic Identification of Vulnerabilities in Open-Source Software," vol. 17, pp. 674-687, 2020.L. W. a. R. Kessler, " Pair Programming vs. Up-front Design for Extreme Programming," vol. 19, pp. 62-70, 2002.A. Ghaznavi-Zadeh, "A Comprehensive Review of Penetration Testing," vol. 7, 2021.H. Saidani, "Comparative Analysis of Software Vulnerability Assessment Techniques, Journal of Computer Networks and Communications," 2018.C. L. a. S. Sabetzadeh, "An Empirical Study of Code Review Processes in Open-Source Software Projects," vol. 110, pp. 64-80, 2015.R. Kazman, "Software Design Review," vol. 55, pp. 129-137, 2012.K. Stergiopoulos, "Penetration Testing: A Methodology for Enhancing Vulnerability Assessments," vol. 4, pp. 263-271, 2013.A. A. a. H. Siddiqi, "Penetration Testing Methodologies: A Review," vol. 2, pp. 98-110, 2014.A. W. L. &. O. J. Meneely, "Software engineering for cybersecurity: A research roadmap," vol. 144, pp. 1-17, 2018.L. W. a. J. O. M. A. Rahman, "Improving code review efficiency: A study of static analysis and reviewer recommendation," vol. 138, pp. 81-96, 2018.A. P. a. B. K. A. Zeller, "Code review in the dark," vol. 36, pp. 40-47, 2019.L. Y. Y. &. L. Y. Wang, "A large-scale empirical study of code review practices in open source projects," vol. 45, pp. 913-935, 2019.M. I. Ahmed, "Automated code review: A systematic literature review," vol. 144, pp. 163-179, 2018.S. B. a. J. R. W. N. A. Ernst, "Duration of software code review meetings: An empirical analysis," pp. 514-524, 2019.P. T. P. a. A. Orso, " Are automated debugging techniques actually helping programmers," pp. 385-394, 2010.D. H. Shihab, "An Analysis of the Code Review Processes of Open-Source Software Projects," vol. 43, pp. 850-867, 2017.S. K. a. H. K. K. S. Y. Shin, "Combining Static and Dynamic Analysis for Web Application Security Assessment," vol. 12, 2016.M. V. Tripunitara, "Testing for Security: An Overview," vol. 47, pp. 1-37, 2015.G. McGraw, "Software Security Testing: Do We Really Know How to Do This Stuff," vol. 2, pp. 83-86, 2004.B. H. E. R. M. F. A. M. D. W. A. Edmundson, "An Empirical Study on the Effectiveness of Security Code Review".C. A. G. Ç. A. B. L. Braz, "Less is More: Supporting Developers in Vulnerability Detection during Code Review," 2022."Secure Code Review," Application Security.Y. C. H. X. S. W. a. J. L. Xinyu Yang, "Empirical evaluation of the effectiveness of code review for finding security vulnerabilities in web applications," no. 28, pp. 1058-1071, 2013.M. S. H. B. M. &. B. M. Kessentini, "A systematic review of software fault prediction approaches. Journal of Systems and Softwar," vol. 83, pp. 1378-1396, 2010.D. Litchfield, "Google Hacking for Penetration Testers," 2005.K. Arvanitakis, S. Mitropoulos and S. Kontogiannis, " A comparative study of code review and penetration testing in web application security," vol. 3, pp. 235-243, 2012.M. K. M. &. O. M. Ferruh, "A comparative study of penetration testing tools," pp. 483-488, 2012.J. &. M. D. DeMott, "The limits of automated web application security scanners," pp. 421-430, 2008.D. H. M. &. A.-A. M. A. Al-Qudah, "A comparative study of code review and testing for finding software defects," pp. 785-795, 2014.W. H. T. &. G. J. Zou, "An empirical study on the effectiveness of code review for finding security vulnerabilities in Android applications," pp. 36-51, 2016.R. M. R. e. al., "Comparative study of code review and penetration testing for detecting security vulnerabilities in software," pp. 1-6, 2021.M. F. K. e. al., "Comparing code review and penetration testing as vulnerability detection techniques," pp. 1-6, 2019.H. A. K. a. H. M. Abbas, "A comparative study of code review and penetration testing," pp. 191-196, 2018.M. A. A. Q. e. al, "Code review versus penetration testing: A comparative analysis," pp. 1-5, 2018.