| Do I really need all this work to find vulnerabilities? | 0 | 0.34 | 2022 |
| Dazzle: Using Optimized Generative Adversarial Networks to Address Security Data Class Imbalance Issue | 0 | 0.34 | 2022 |
| Omni: automated ensemble with unexpected models against adversarial evasion attack | 0 | 0.34 | 2022 |
| Why secret detection tools are not enough: It’s not just about false positives - An industrial case study | 0 | 0.34 | 2022 |
| Improving Vulnerability Inspection Efficiency Using Active Learning | 4 | 0.37 | 2021 |
| A comparative study of vulnerability reporting by software composition analysis tools | 0 | 0.34 | 2021 |
| How To Better Distinguish Security Bug Reports (Using Dual Hyperparameter Optimization) | 0 | 0.34 | 2021 |
| Security Smells in Ansible and Chef Scripts: A Replication Study | 2 | 0.37 | 2021 |
| The People Who Live in Glass Houses Are Happy the Stones Weren't Thrown at Them [From the Editors] | 0 | 0.34 | 2021 |
| Understanding Software Security from Design to Deployment | 0 | 0.34 | 2020 |
| The 'as Code' Activities: Development Anti-patterns for Infrastructure as Code | 5 | 0.42 | 2020 |
| Share, But be Aware: Security Smells in Python Gists | 1 | 0.35 | 2019 |
| Science Leaves Clues | 0 | 0.34 | 2019 |
| The seven sins: security smells in infrastructure as code scripts | 15 | 0.62 | 2019 |
| Better Security Bug Report Classification via Hyperparameter Optimization. | 0 | 0.34 | 2019 |
| Engineering Security Vulnerability Prevention, Detection, and Response. | 1 | 0.36 | 2018 |
| A comparative analysis of manual methods for analyzing security requirements in regulatory documents: POSTER. | 0 | 0.34 | 2018 |
| Continuously integrating security. | 0 | 0.34 | 2018 |
| Toward extraction of security requirements from text: poster. | 0 | 0.34 | 2018 |
| Mapping the field of software life cycle security metrics. | 3 | 0.38 | 2018 |
| Attack surface definitions: A systematic literature review. | 2 | 0.40 | 2018 |
| Software Engineering Research at the International Conference on Software Engineering in 2016. | 0 | 0.34 | 2017 |
| Which Factors Influence Practitioners' Usage of Build Automation Tools? | 2 | 0.39 | 2017 |
| The rising tide lifts all boats: the advancement of science in cyber security (invited talk) | 0 | 0.34 | 2017 |
| Identifying the implied: Findings from three differentiated replications on the use of security requirements templates. | 4 | 0.40 | 2017 |
| Teaching Secure Software Development Through an Online Course. | 0 | 0.34 | 2017 |
| Risk-Based Attack Surface Approximation: How Much Data Is Enough? | 7 | 0.48 | 2017 |
| Writing good software engineering research papers: revisited. | 2 | 0.37 | 2017 |
| Characterizing Experimentation in Continuous Deployment: A Case Study on Bing. | 11 | 0.54 | 2017 |
| Measuring Security Practice Use: A Case Study at IBM. | 0 | 0.34 | 2017 |
| DIGS: A Framework for Discovering Goals for Security Requirements Engineering. | 4 | 0.38 | 2016 |
| A grounded analysis of experts' decision-making during security assessments. | 1 | 0.36 | 2016 |
| ICON: Inferring Temporal Constraints from Natural Language API Descriptions. | 0 | 0.34 | 2016 |
| Continuous deployment at Facebook and OANDA. | 28 | 0.98 | 2016 |
| Software security education at scale. | 0 | 0.34 | 2016 |
| Synthesizing Continuous Deployment Practices Used in Software Development | 20 | 1.00 | 2015 |
| Hidden in plain sight: Automatically identifying security requirements from natural language artifacts | 20 | 0.86 | 2014 |
| Log your CRUD: design principles for software logging mechanisms. | 3 | 0.46 | 2014 |
| Software Development Analytics (Dagstuhl Seminar 14261). | 1 | 0.41 | 2014 |
| Using templates to elicit implied security requirements from functional requirements - a controlled experiment | 6 | 0.53 | 2014 |
| Relation extraction for inferring access control rules from natural language artifacts. | 12 | 0.61 | 2014 |
| On Coverage-Based Attack Profiles | 0 | 0.34 | 2014 |
| An experience report for software quality evaluation in highly iterative development methodology using traditional metrics. | 4 | 0.48 | 2013 |
| Using software reliability models for security assessment — Verification of assumptions | 1 | 0.43 | 2013 |
| A comparative evaluation of static analysis actionable alert identification techniques | 5 | 0.43 | 2013 |
| Non-operational testing of software for security issues | 1 | 0.43 | 2013 |
| A comparison of the efficiency and effectiveness of vulnerability discovery techniques. | 12 | 0.61 | 2013 |
| Have Agile Techniques been the Silver Bullet for Software Development at Microsoft? | 22 | 1.51 | 2013 |
| An analysis of HIPAA breach data | 0 | 0.34 | 2012 |
| What agile teams think of agile principles | 48 | 1.77 | 2012 |
