Secure development is not just a technical problem: it’s a human and organizational problem as well. To understand the causes of insecurity, and find effective solutions, we must understand how and why security problems happen, and what barriers stand in the way of fixing them. How can we make it easier for developers to write secure code, even without special training? In this talk, I will report on findings from several recent studies addressing these questions. These include examining the effects of information resources and API design on developers' likelihood of writing secure code; using data from a secure programming contest to explore the kinds of security mistakes developers make; and exploring the benefits and barriers associated ...
Eleanor Roosevelt once said: Learn from the mistakes of others. You can’t live long enough to make ...
Security of software systems is of general concern, yet breaches caused by common vulnerabilities st...
This paper describes materials developed to engage professional developers in discussions about secu...
This webinar presents the results of Trusted CI's 2021 examination of the state of software assuranc...
Advances in computer systems over the past decade have laid a solid foundation for data collection a...
As software-intensive digital systems become an integral part of modern life, ensuring that these sy...
Modern web development comes with a variety of challenges that developers must consider, such as acc...
In this presentation, we will present the motivations behind and structure for the Trusted CI Framew...
Security of software systems is of general concern, yet breaches caused by common vulnerabilities st...
My research interests span the areas of systems, programming languages, and security. I particularly...
Developing secure software is still an important issue in the computing world. Big software firms sp...
A troubling development in the cyber realm is society’s acceptance of the expectation that all softw...
The advancement of technology has made the development of software applications become unstoppabl...
The Department of Homeland Security in the United States estimates that 90% of software vulnerabilit...
Susan Sons, Deputy Director of the Research Security Operations Center (ResearchSOC) will provide a ...
Eleanor Roosevelt once said: Learn from the mistakes of others. You can’t live long enough to make ...
Security of software systems is of general concern, yet breaches caused by common vulnerabilities st...
This paper describes materials developed to engage professional developers in discussions about secu...
This webinar presents the results of Trusted CI's 2021 examination of the state of software assuranc...
Advances in computer systems over the past decade have laid a solid foundation for data collection a...
As software-intensive digital systems become an integral part of modern life, ensuring that these sy...
Modern web development comes with a variety of challenges that developers must consider, such as acc...
In this presentation, we will present the motivations behind and structure for the Trusted CI Framew...
Security of software systems is of general concern, yet breaches caused by common vulnerabilities st...
My research interests span the areas of systems, programming languages, and security. I particularly...
Developing secure software is still an important issue in the computing world. Big software firms sp...
A troubling development in the cyber realm is society’s acceptance of the expectation that all softw...
The advancement of technology has made the development of software applications become unstoppabl...
The Department of Homeland Security in the United States estimates that 90% of software vulnerabilit...
Susan Sons, Deputy Director of the Research Security Operations Center (ResearchSOC) will provide a ...
Eleanor Roosevelt once said: Learn from the mistakes of others. You can’t live long enough to make ...
Security of software systems is of general concern, yet breaches caused by common vulnerabilities st...
This paper describes materials developed to engage professional developers in discussions about secu...