Early identification of security issues in software development is vital to minimize their
unanticipated impacts. Code review is a widely used manual analysis method that aims to …

Passwords play a crucial role in authentication, ensuring that only authorised entities can
access sensitive information. However, user password choices are often weak and …

To avoid software vulnerabilities, organizations are shifting security to earlier stages of the
software development, such as at code review time. In this paper, we aim to understand the …

Reviewing source code from a security perspective has proven to be a difficult task. Indeed,
previous research has shown that developers often miss even popular and easy-to-detect …

Understanding what affects software developer productivity can help organizations choose
wise investments in their technical and social environment. But the research literature either …

Developers struggle to program securely. Prior works have reviewed the methods used to
run user-studies with developers, systematized the ancestry of security API usability …

Software vulnerabilities resulting from coding weaknesses and poor development practices
are common. Attackers can exploit these vulnerabilities and impact the security and privacy …

The most popular code review tools (eg, Gerrit and GitHub) present the files to review sorted
in alphabetical order. Could this choice or, more generally, the relative position in which a …

Typical users are known to use and reuse weak passwords. Yet, as cybersecurity concerns
continue to rise, understanding the password practices of software developers becomes …

Web applications are the public-facing components of information systems, which makes
them an easy entry point for various types of attacks. While it is often the responsibility of …