MA-CoT prompting reduces security findings in LLM-generated code by 57.6% on a 200-task dataset and 94.5% on LLMSecEval across C, Java, and Python, outperforming vanilla, zero-shot, and standard CoT strategies.
Using AI assistants in software development: A qualitative study on security practices and concerns
4 Pith papers cite this work. Polarity classification is still indexing.
fields: cs.CR 4
years: 2026 4
roles: background 1
polarities: background 1
representative citing papers
A within-subject study of 12 developers found that security training reduced validated weaknesses by 31.5% and critical issues by 79.2% in LLM-assisted backend coding.
FIDO2 passkeys largely remain phishing-resistant because implemented attacks like infected authenticators and browser deception demand far more effort and resources than traditional password phishing.
Empirical tests show open-source LLM agents underperform the Bandit SAST tool and are not ready to replace it for security scanning.
citing papers explorer
- A Quasi-Experimental Developer Study of Security Training in LLM-Assisted Web Application Development
A within-subject study of 12 developers found that security training reduced validated weaknesses by 31.5% and critical issues by 79.2% in LLM-assisted backend coding.