Security notifications in static analysis tools: Developers' attitudes, comprehension, and ability to act on them
Static analysis tools (SATs) have the potential to assist developers in finding and fixing
vulnerabilities in the early stages of software development, requiring them to be able to …
Understanding Hackers' Work: An Empirical Study of Offensive Security Practitioners
Offensive security-tests are commonly employed to pro-actively discover potential
vulnerabilities. They are performed by specialists, also known as penetration-testers or white …
[HTML] Coordinated vulnerability disclosure programme effectiveness: Issues and recommendations
T Walshe, AC Simpson - Computers & Security, 2022 - Elsevier
Abstract Coordinated Vulnerability Disclosure (CVD) programmes leverage a global network
of independent security researchers (hackers) to support pre- and post-deployment security …
[PDF] The security mindset: characteristics, development, and consequences
K Schoenmakers, D Greene, S Stutterheim… - Journal of …, 2023 - academic.oup.com
The world is facing a cybersecurity skills gap as cybercrime and cyberwarfare grow in
importance. One often-discussed quality that is potentially relevant to cybersecurity …
Trustworthiness models to categorize and prioritize code for security improvement
The exploitation of software security vulnerabilities can have severe consequences. Thus, it
is crucial to devise new processes, techniques, and tools to support teams in the …
Securing agile: Assessing the impact of security activities on agile development
A Thool, C Brown - Proceedings of the 28th International Conference on …, 2024 - dl.acm.org
Software systems are expected to be secure and robust. To verify and ensure software
security, it is vital to include security activities, or development practices to detect and …
AutoRed: Automating Red Team Assessment via Strategic Thinking Using Reinforcement Learning
K Hasegawa, S Hidano, K Fukushima - Proceedings of the Fourteenth …, 2024 - dl.acm.org
As security risks to network systems have grown, red team assessment has emerged as a
powerful methodology for discovering vulnerabilities. Such assessments are difficult to …
[PDF] Challenges of DevSecOps
C Colliander - English. Master's thesis. University of Helsinki …, 2022 - helda.helsinki.fi
The field of software development has experienced a push towards ever faster software
releases (Hüttermann, 2012). With the need to release software faster to the market, the …
Artificial Intelligence Cyberattacks in Red Teaming: A Scoping Review
M Al-Azzawi, D Doan, T Sipola, J Hautamäki… - World Conference on …, 2024 - Springer
Advances in artificial intelligence are creating possibilities to use these methods in red team
activities, such as cyberattacks. These AI attacks can automate the process of penetrating a …
Artificial Intelligence in Red Teaming
M Al-Azzawi - 2024 - theseus.fi
Red teaming involves simulating real world attacks on targets such as organizations,
infrastructure, or individuals to test their defences and assess the vulnerabilities. Artificial …