{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,10]],"date-time":"2026-05-10T05:40:57Z","timestamp":1778391657567,"version":"3.51.4"},"reference-count":61,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2025,1,14]],"date-time":"2025-01-14T00:00:00Z","timestamp":1736812800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Council for Humanities, Science, and Technology (CONHACYT)","award":["101070303"],"award-info":[{"award-number":["101070303"]}]},{"name":"European Commission under the Horizon Europe research and innovation program as part of the project LAZARUS","award":["101070303"],"award-info":[{"award-number":["101070303"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"<jats:p>In cybersecurity, identifying and addressing vulnerabilities in source code is essential for maintaining secure IT environments. Traditional static and dynamic analysis techniques, although widely used, often exhibit high false-positive rates, elevated costs, and limited interpretability. Machine Learning (ML)-based approaches aim to overcome these limitations but encounter challenges related to scalability and adaptability due to their reliance on large labeled datasets and their limited alignment with the requirements of secure development teams. These factors hinder their ability to adapt to rapidly evolving software environments. This study proposes an approach that integrates Prototype-Based Model-Agnostic Meta-Learning(Proto-MAML) with a Question-Answer (QA) framework that leverages the Bidirectional Encoder Representations from Transformers (BERT) model. By employing Few-Shot Learning (FSL), Proto-MAML identifies and mitigates vulnerabilities with minimal data requirements, aligning with the principles of the Secure Development Lifecycle (SDLC) and Development, Security, and Operations (DevSecOps). The QA framework allows developers to query vulnerabilities and receive precise, actionable insights, enhancing its applicability in dynamic environments that require frequent updates and real-time analysis. The model outputs are interpretable, promoting greater transparency in code review processes and enabling efficient resolution of emerging vulnerabilities. Proto-MAML demonstrates strong performance across multiple programming languages, achieving an average precision of 98.49%, recall of 98.54%, F1-score of 98.78%, and exact match rate of 98.78% in PHP, Java, C, and C++.<\/jats:p>","DOI":"10.3390\/fi17010033","type":"journal-article","created":{"date-parts":[[2025,1,14]],"date-time":"2025-01-14T07:35:47Z","timestamp":1736840147000},"page":"33","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Question\u2013Answer Methodology for Vulnerable Source Code Review via Prototype-Based Model-Agnostic Meta-Learning"],"prefix":"10.3390","volume":"17","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5012-9468","authenticated-orcid":false,"given":"Pablo","family":"Corona-Fraga","sequence":"first","affiliation":[{"name":"Centro de Investigaci\u00f3n e Innovaci\u00f3n en Tecnolog\u00edas de la Informaci\u00f3n y Comunicaci\u00f3n, Avenida San Fernando No. 37, Colonia Toriello Guerra, Delegaci\u00f3n Tlalpan, Mexico City 14050, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4867-2717","authenticated-orcid":false,"given":"Aldo","family":"Hernandez-Suarez","sequence":"additional","affiliation":[{"name":"Instituto Politecnico Nacional, ESIME Culhuacan, Mexico City 04440, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4735-205X","authenticated-orcid":false,"given":"Gabriel","family":"Sanchez-Perez","sequence":"additional","affiliation":[{"name":"Instituto Politecnico Nacional, ESIME Culhuacan, Mexico City 04440, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9555-4705","authenticated-orcid":false,"given":"Linda Karina","family":"Toscano-Medina","sequence":"additional","affiliation":[{"name":"Instituto Politecnico Nacional, ESIME Culhuacan, Mexico City 04440, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7786-2050","authenticated-orcid":false,"given":"Hector","family":"Perez-Meana","sequence":"additional","affiliation":[{"name":"Instituto Politecnico Nacional, ESIME Culhuacan, Mexico City 04440, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8863-7804","authenticated-orcid":false,"given":"Jose","family":"Portillo-Portillo","sequence":"additional","affiliation":[{"name":"Instituto Politecnico Nacional, ESIME Culhuacan, Mexico City 04440, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0337-5364","authenticated-orcid":false,"given":"Jesus","family":"Olivares-Mercado","sequence":"additional","affiliation":[{"name":"Instituto Politecnico Nacional, ESIME Culhuacan, Mexico City 04440, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7573-6272","authenticated-orcid":false,"given":"Luis Javier","family":"Garc\u00eda Villalba","sequence":"additional","affiliation":[{"name":"Group of Analysis, Security and Systems (GASS), Department of Software Engineering and Artificial Intelligence (DISIA), Faculty of Computer Science and Engineering, Office 431, Universidad Complutense de Madrid (UCM), Calle Profesor Jos\u00e9 Garc\u00eda Santesmases, 9, Ciudad Universitaria, 28040 Madrid, Spain"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2025,1,14]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"M\u00f6ller, D.P. (2023). Cybersecurity in digital transformation. Guide to Cybersecurity in Digital Transformation: Trends, Methods, Technologies, Applications and Best Practices, Springer.","DOI":"10.1007\/978-3-031-26845-8"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Beaulieu, N., Dascalu, S.M., and Hand, E. (2022, January 10\u201313). API-first design: A survey of the state of academia and industry. Proceedings of the ITNG 2022 19th International Conference on Information Technology-New Generations, Las Vegas, NV, USA.","DOI":"10.1007\/978-3-030-97652-1_10"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"4362","DOI":"10.1109\/TII.2019.2891261","article-title":"Multilayer Data-Driven Cyber-Attack Detection System for Industrial Control Systems Based on Network, System, and Process Data","volume":"15","author":"Zhang","year":"2019","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Massaoudi, M., Refaat, S.S., and Abu-Rub, H. (2022, January 20\u201322). Intrusion Detection Method Based on SMOTE Transformation for Smart Grid Cybersecurity. Proceedings of the 2022 3rd International Conference on Smart Grid and Renewable Energy (SGRE), Doha, Qatar.","DOI":"10.1109\/SGRE53517.2022.9774070"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Chen, J., Mohamed, M.A., Dampage, U., Rezaei, M., Salmen, S.H., Obaid, S.A., and Annuk, A. (2021). A multi-layer security scheme for mitigating smart grid vulnerability against faults and cyber-attacks. Appl. Sci., 11.","DOI":"10.3390\/app11219972"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Souppaya, M., Scarfone, K., and Dodson, D. (2022). Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities.","DOI":"10.6028\/NIST.SP.800-218"},{"key":"ref_7","unstructured":"(2024, September 13). Common Vulnerabilities and Exposures (CVE). Available online: https:\/\/cve.mitre.org\/."},{"key":"ref_8","unstructured":"National Institute of Standards and Technology (2024, October 08). National Institute of Standards and Technology (NIST) Official Website, Available online: https:\/\/www.nist.gov."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Hom\u00e8s, B. (2024). Fundamentals of Software Testing, John Wiley & Sons.","DOI":"10.1002\/9781394298976"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"619","DOI":"10.1007\/s11219-023-09619-3","article-title":"From DevOps to DevSecOps is not enough. CyberDevOps: An extreme shifting-left architecture to bring cybersecurity within software security lifecycle pipeline","volume":"31","author":"Lombardi","year":"2023","journal-title":"Softw. Qual. J."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Li, W., Li, L., and Cai, H. (2022, January 18). On the vulnerability proneness of multilingual code. Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Singapore, Singapore.","DOI":"10.1145\/3540250.3549173"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"106894","DOI":"10.1016\/j.infsof.2022.106894","article-title":"Toward successful DevSecOps in software development organizations: A decision-making framework","volume":"147","author":"Akbar","year":"2022","journal-title":"Inf. Softw. Technol."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"3280","DOI":"10.1109\/TSE.2021.3087402","article-title":"Deep learning based vulnerability detection: Are we there yet?","volume":"48","author":"Chakraborty","year":"2021","journal-title":"IEEE Trans. Softw. Eng."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Mateo Tudela, F., Bermejo Higuera, J.R., Bermejo Higuera, J., Sicilia Montalvo, J.A., and Argyros, M.I. (2020). On combining static, dynamic and interactive analysis security testing tools to improve owasp top ten security vulnerability detection in web applications. Appl. Sci., 10.","DOI":"10.3390\/app10249119"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"3765","DOI":"10.1007\/s10207-024-00909-w","article-title":"Enhancing DevSecOps practice with Large Language Models and Security Chaos Engineering","volume":"23","author":"Bedoya","year":"2024","journal-title":"Int. J. Inf. Secur."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Rajapaksha, S., Senanayake, J., Kalutarage, H., and Al-Kadri, M.O. (2022, January 23\u201324). Ai-powered vulnerability detection for secure source code development. Proceedings of the International Conference on Information Technology and Communications Security, Bucharest, Romania.","DOI":"10.1007\/978-3-031-32636-3_16"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"103134","DOI":"10.1016\/j.cose.2023.103134","article-title":"Adversarial attacks against Windows PE malware detection: A survey of the state-of-the-art","volume":"128","author":"Ling","year":"2023","journal-title":"Comput. Secur."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Du, X., Wen, M., Zhu, J., Xie, Z., Ji, B., Liu, H., Shi, X., and Jin, H. (2024, January 11\u201316). Generalization-Enhanced Code Vulnerability Detection via Multi-Task Instruction Fine-Tuning. Proceedings of the Findings of the Association for Computational Linguistics ACL 2024, Bangkok, Thailand.","DOI":"10.18653\/v1\/2024.findings-acl.625"},{"key":"ref_19","unstructured":"Overflow, S. (2024, October 14). Stack Overflow. Available online: https:\/\/stackoverflow.com."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1007\/s13278-023-01171-z","article-title":"Cybersecurity discussions in Stack Overflow: A developer-centred analysis of engagement and self-disclosure behaviour","volume":"14","author":"Vidoni","year":"2023","journal-title":"Soc. Netw. Anal. Min."},{"key":"ref_21","first-page":"100","article-title":"A survey on data-driven software vulnerability assessment and prioritization","volume":"55","author":"Le","year":"2022","journal-title":"Acm Comput. Surv."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"11003","DOI":"10.1007\/s13369-021-05810-5","article-title":"COBERT: COVID-19 question answering system using BERT","volume":"48","author":"Alzubi","year":"2023","journal-title":"Arab. J. Sci. Eng."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Wang, Y., and Anderson, D.V. (2022, January 23\u201327). Hybrid attention-based prototypical networks for few-shot sound classification. Proceedings of the ICASSP 2022-2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), Singapore, Singapore.","DOI":"10.1109\/ICASSP43922.2022.9746118"},{"key":"ref_24","unstructured":"Finn, C., Abbeel, P., and Levine, S. (2017, January 6\u201311). Model-agnostic meta-learning for fast adaptation of deep networks. Proceedings of the 34th International Conference on Machine Learning, ICML\u201917, JMLR.org, Sydney, Australia."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Wang, H., Wang, Y., Sun, R., and Li, B. (2022, January 18\u201324). Global convergence of maml and theory-inspired neural architecture search for few-shot learning. Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, New Orleans, LA, USA.","DOI":"10.1109\/CVPR52688.2022.00957"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"1462","DOI":"10.1109\/TIP.2022.3142530","article-title":"Learning to compare relation: Semantic alignment for few-shot learning","volume":"31","author":"Cao","year":"2022","journal-title":"IEEE Trans. Image Process."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"2244","DOI":"10.1109\/TDSC.2021.3051525","article-title":"Sysevr: A framework for using deep learning to detect software vulnerabilities","volume":"19","author":"Li","year":"2021","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"2821","DOI":"10.1109\/TDSC.2021.3076142","article-title":"Vuldeelocator: A deep learning-based fine-grained vulnerability detector","volume":"19","author":"Li","year":"2021","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Huang, W., Lin, S., and Chen, L. (2022). Bbvd: A bert-based method for vulnerability detection. Int. J. Adv. Comput. Sci. Appl., 13.","DOI":"10.14569\/IJACSA.2022.01312103"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Omar, M. (2023, January 22\u201324). VulDefend: A Novel Technique based on Pattern-exploiting Training for Detecting Software Vulnerabilities Using Language Models. Proceedings of the 2023 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT), Amman, Jordan.","DOI":"10.1109\/JEEIT58638.2023.10185860"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"564","DOI":"10.1109\/TSE.2022.3156637","article-title":"Seqtrans: Automatic vulnerability fix via sequence to sequence learning","volume":"49","author":"Chi","year":"2022","journal-title":"IEEE Trans. Softw. Eng."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"147","DOI":"10.1109\/TSE.2022.3147265","article-title":"Neural transfer learning for repairing security vulnerabilities in c code","volume":"49","author":"Chen","year":"2022","journal-title":"IEEE Trans. Softw. Eng."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"64446","DOI":"10.1109\/ACCESS.2024.3396410","article-title":"DB-CBIL: A DistilBert-Based Transformer Hybrid Model using CNN and BiLSTM for Software Vulnerability Detection","volume":"12","author":"Bahaa","year":"2024","journal-title":"IEEE Access"},{"key":"ref_34","unstructured":"Foley, S.N., Gollmann, D., and Snekkenes, E. (2017, January 14). VuRLE: Automatic Vulnerability Detection and Repair by Learning from Examples. Proceedings of the Computer Security\u2014ESORICS 2017, Oslo, Norway."},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Zhang, X., Zhang, F., Zhao, B., Zhou, B., and Xiao, B. (2023, January 4\u20136). VulD-Transformer: Source Code Vulnerability Detection via Transformer. Proceedings of the 14th Asia-Pacific Symposium on Internetware, Hangzhou, China.","DOI":"10.1145\/3609437.3609451"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Espinha Gasiba, T., Iosif, A.C., Kessba, I., Amburi, S., Lechner, U., and Pinto-Albuquerque, M. (2024). May the Source Be with You: On ChatGPT, Cybersecurity, and Secure Coding. Information, 15.","DOI":"10.3390\/info15090572"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Bhandari, G., Naseer, A., and Moonen, L. (2021, January 19\u201320). CVEfixes: Automated collection of vulnerabilities and their fixes from open-source software. Proceedings of the 17th International Conference on Predictive Models and Data Analytics in Software Engineering, Athens, Greece.","DOI":"10.1145\/3475960.3475985"},{"key":"ref_38","unstructured":"(2024, September 13). Common Weakness Enumeration (CWE). Available online: https:\/\/cwe.mitre.org\/."},{"key":"ref_39","unstructured":"(2024, September 13). Common Vulnerability Scoring System (CVSS). Available online: https:\/\/www.first.org\/cvss\/."},{"key":"ref_40","unstructured":"National Institute of Standards and Technology (NIST) (2024, September 13). National Vulnerability Database (NVD), Available online: https:\/\/nvd.nist.gov\/."},{"key":"ref_41","unstructured":"(2024, September 17). Software Assurance Metrics And Tool Evaluation (SAMATE), Available online: https:\/\/samate.nist.gov\/."},{"key":"ref_42","unstructured":"(2024, September 17). NIST Software Assurance Reference Dataset, Available online: https:\/\/samate.nist.gov\/SARD\/."},{"key":"ref_43","unstructured":"OWASP Foundation (2024, October 22). OWASP Top Ten 2021: The Ten Most Critical Web Application Security Risks. Available online: https:\/\/owasp.org\/Top10\/."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"102532","DOI":"10.1016\/j.ipm.2021.102532","article-title":"A sentiment-aware deep learning approach for personality detection from text","volume":"58","author":"Ren","year":"2021","journal-title":"Inf. Process. Manag."},{"key":"ref_45","unstructured":"(2024, September 13). SonarQube: Continuous Code Quality. Available online: https:\/\/www.sonarqube.org\/."},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3582688","article-title":"A comprehensive survey of few-shot learning: Evolution, applications, challenges, and opportunities","volume":"55","author":"Song","year":"2023","journal-title":"Acm Comput. Surv."},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"108976","DOI":"10.1016\/j.knosys.2022.108976","article-title":"Multimodality in meta-learning: A comprehensive survey","volume":"250","author":"Ma","year":"2022","journal-title":"Knowl.-Based Syst."},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"4483","DOI":"10.1007\/s10462-021-10004-4","article-title":"A survey of deep meta-learning","volume":"54","author":"Huisman","year":"2021","journal-title":"Artif. Intell. Rev."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Jamal, M.A., and Qi, G.J. (2019, January 15\u201320). Task Agnostic Meta-Learning for Few-Shot Learning. Proceedings of the 2019 IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Long Beach, CA, USA.","DOI":"10.1109\/CVPR.2019.01199"},{"key":"ref_50","doi-asserted-by":"crossref","unstructured":"Behera, S.K., and Dash, R. (2022). Fine-Tuning of a BERT-Based Uncased Model for Unbalanced Text Classification. Advances in Intelligent Computing and Communication, Springer.","DOI":"10.1007\/978-981-19-0825-5_40"},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Griva, A.I., Boursianis, A.D., Iliadis, L.A., Sarigiannidis, P., Karagiannidis, G., and Goudos, S.K. (2023, January 28\u201330). Model-Agnostic Meta-Learning Techniques: A State-of-The-Art Short Review. Proceedings of the 2023 12th International Conference on Modern Circuits and Systems Technologies (MOCAST), Athens, Greece.","DOI":"10.1109\/MOCAST57943.2023.10176893"},{"key":"ref_52","first-page":"5469","article-title":"Generalization of model-agnostic meta-learning algorithms: Recurring and unseen tasks","volume":"34","author":"Fallah","year":"2021","journal-title":"Adv. Neural Inf. Process. Syst."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"108374","DOI":"10.1109\/ACCESS.2022.3212767","article-title":"Neural architecture search for transformers: A survey","volume":"10","author":"Emani","year":"2022","journal-title":"IEEE Access"},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1016\/j.patrec.2020.07.015","article-title":"Improved prototypical networks for few-shot learning","volume":"140","author":"Ji","year":"2020","journal-title":"Pattern Recognit. Lett."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"463","DOI":"10.1016\/j.neucom.2020.05.114","article-title":"A concise review of recent few-shot meta-learning methods","volume":"456","author":"Li","year":"2021","journal-title":"Neurocomputing"},{"key":"ref_56","doi-asserted-by":"crossref","unstructured":"Banerjee, T., Thurlapati, N.R., Pavithra, V., Mahalakshmi, S., Eledath, D., and Ramasubramanian, V. (2021, January 23\u201327). Few-shot learning for frame-wise phoneme recognition: Adaptation of matching networks. Proceedings of the 2021 29th European Signal Processing Conference (EUSIPCO), Dublin, Ireland.","DOI":"10.23919\/EUSIPCO54536.2021.9616234"},{"key":"ref_57","doi-asserted-by":"crossref","first-page":"2984","DOI":"10.1080\/02664763.2019.1709053","article-title":"Bayesian rank-based hypothesis testing for the rank sum test, the signed rank test, and Spearman\u2019s \u03c1","volume":"47","author":"Ly","year":"2020","journal-title":"J. Appl. Stat."},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"1504","DOI":"10.1080\/10447318.2021.2004699","article-title":"Big I notation to estimate the interaction complexity of interaction concepts","volume":"38","author":"Degen","year":"2022","journal-title":"Int. J. Hum. Comput. Interact."},{"key":"ref_59","doi-asserted-by":"crossref","first-page":"45","DOI":"10.21528\/LNLM-vol15-no1-art3","article-title":"Qualitative analysis of deep learning frameworks","volume":"15","author":"Gutoski","year":"2017","journal-title":"Learn. Nonlinear Model."},{"key":"ref_60","first-page":"101261","article-title":"Integrating Security with DevSecOps: Techniques and Challenges","volume":"8","author":"Zhu","year":"2020","journal-title":"IEEE Access"},{"key":"ref_61","doi-asserted-by":"crossref","unstructured":"Jones, S.L., and Weber, T.J. (2022). Holding on to Compliance While Adopting DevSecOps: An SLR. Electronics, 11.","DOI":"10.3390\/electronics11223707"}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/17\/1\/33\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,8]],"date-time":"2025-10-08T10:28:34Z","timestamp":1759919314000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/17\/1\/33"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,1,14]]},"references-count":61,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,1]]}},"alternative-id":["fi17010033"],"URL":"https:\/\/doi.org\/10.3390\/fi17010033","relation":{},"ISSN":["1999-5903"],"issn-type":[{"value":"1999-5903","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,1,14]]}}}