Investigating system operators' perspective on security misconfigurations
C Dietrich, K Krombholz, K Borgolte… - Proceedings of the 2018 …, 2018 - dl.acm.org
Nowadays, security incidents have become a familiar" nuisance," and they regularly lead to
the exposure of private and sensitive data. The root causes for such incidents are rarely …
the exposure of private and sensitive data. The root causes for such incidents are rarely …
Don't shoot the messenger! A criminological and computer science perspective on coordinated vulnerability disclosure
In the computer science field coordinated vulnerability disclosure is a well-known practice
for finding flaws in IT-systems and patching them. In this practice, a white-hat hacker who …
for finding flaws in IT-systems and patching them. In this practice, a white-hat hacker who …
Turning contradictions into innovations or: How we learned to stop whining and improve security operations
Efforts to improve the efficiency of security operation centers (SOCs) have emphasized
building tools for analysts or understanding the human and organizational factors involved …
building tools for analysts or understanding the human and organizational factors involved …
Keepers of the machines: Examining how system administrators manage software updates for multiple machines
Keeping machines updated is crucial for maintaining system security. While recent studies
have investigated the software updating practices of end users, system administrators have …
have investigated the software updating practices of end users, system administrators have …
" You've got your nice list of bugs, now what?" vulnerability discovery and management processes in the wild
Organizational security teams have begun to specialize, and as a result, the existence of
red, blue, and purple teams have been used as signals for an organization's security …
red, blue, and purple teams have been used as signals for an organization's security …
Challenges to cybersecurity: Current state of affairs
R Sen - Communications of the Association for Information …, 2018 - aisel.aisnet.org
Despite increasing investment in cybersecurity initiatives, incidents such as data breach,
malware infections, and cyberattacks on cyberphysical systems show an upward trend. I …
malware infections, and cyberattacks on cyberphysical systems show an upward trend. I …
Security, availability, and multiple information sources: Exploring update behavior of system administrators
Experts agree that keeping systems up to date is a powerful security measure. Previous
work found that users sometimes explicitly refrain from performing timely updates, eg, due to …
work found that users sometimes explicitly refrain from performing timely updates, eg, due to …
Do not blame users for misconfigurations
Similar to software bugs, configuration errors are also one of the major causes of today's
system failures. Many configuration issues manifest themselves in ways similar to software …
system failures. Many configuration issues manifest themselves in ways similar to software …
Heartbleed 101
M Carvalho, J DeMott, R Ford… - IEEE security & …, 2014 - ieeexplore.ieee.org
Described by some as the worst vulnerability since e-commerce began on the Internet, one
word sums up what this Basic Training column is all about: Heartbleed. Although we don't …
word sums up what this Basic Training column is all about: Heartbleed. Although we don't …
Understanding security mistakes developers make: Qualitative analysis from build it, break it, fix it
Secure software development is a challenging task requiring consideration of many possible
threats and mitigations. This paper investigates how and why programmers, despite a …
threats and mitigations. This paper investigates how and why programmers, despite a …