Disclosed are an apparatus and a method for detecting security weakness of a source code in real time according to a file change. In the apparatus and the method for detecting security weakness of a source code in real time according to a file change according to an embodiment of the present invention, when a developer generates a file, a hash value of the file is generated. At least one method from a source code constituting the file and the other method called by the execution of the at least one method are extracted. The hash value, the at least one method and the other method are stored in a database. When a storage event for the file occurs due to the correction of the file by the developer, security weakness detection is not performed on the whole source code constituting the file. Instead, whether the file is changed is firstly checked through comparison of hash values for the file, and then when the file is checked to be changed, referring to the database, whether the at least one method constituting the file is changed is checked, and then security weakness detection is performed only on the other method called by the changed method and according to execution of the applicable method, thereby shortening the time required for security weakness detection to be performed as the file is changed to allow the security weakness detection to be performed on the source code of the applicable file in real time according to the file change.;COPYRIGHT KIPO 2016
展开▼
