A survey on developer-centred security
Software developers are key players in the security ecosystem as they produce code that
runs on millions of devices. Yet we continue to see insecure code being developed and …
runs on millions of devices. Yet we continue to see insecure code being developed and …
Smart contract security: A practitioners' perspective
Smart contracts have been plagued by security incidents, which resulted in substantial
financial losses. Given numerous research efforts in addressing the security issues of smart …
financial losses. Given numerous research efforts in addressing the security issues of smart …
{“Security} is not my field,{I'm} a stats {guy”}: A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry
Adversarial machine learning (AML) has the potential to leak training data, force arbitrary
classifications, and greatly degrade overall performance of machine learning models, all of …
classifications, and greatly degrade overall performance of machine learning models, all of …
Less is more: Supporting developers in vulnerability detection during code review
Reviewing source code from a security perspective has proven to be a difficult task. Indeed,
previous research has shown that developers often miss even popular and easy-to-detect …
previous research has shown that developers often miss even popular and easy-to-detect …
A passion for security: Intervening to help software developers
While the techniques to achieve secure, privacy-preserving software are now well
understood, evidence shows that many software development teams do not use them: they …
understood, evidence shows that many software development teams do not use them: they …
Developer-centered security and the symmetry of ignorance
In contemporary software development anybody can become a developer, sharing, building
and interacting with software components and services in a virtual free for all. In this …
and interacting with software components and services in a virtual free for all. In this …
Interventions for long‐term software security: Creating a lightweight program of assurance techniques for developers
Though some software development teams are highly effective at delivering security, others
either do not care or do not have access to security experts to teach them how …
either do not care or do not have access to security experts to teach them how …
Code reviewing as methodology for online security studies with developers-a case study with freelancers on password storage
A Danilova, A Naiakshina, A Rasgauski… - … Symposium on Usable …, 2021 - usenix.org
While ample experience with end-user studies exists, only little is known about studies with
software developers in a security context. In past research investigating the security …
software developers in a security context. In past research investigating the security …
Incorporating software security: using developer workshops to engage product managers
Evidence from data breach reports shows that many competent software development teams
still do not implement secure, privacy-preserving software, even though techniques to do so …
still do not implement secure, privacy-preserving software, even though techniques to do so …
Interventions for software security: creating a lightweight program of assurance techniques for developers
Though some software development teams are highly effective at delivering security, others
either do not care or do not have access to security experts to teach them how …
either do not care or do not have access to security experts to teach them how …