Seminars & Colloquia
Kelsey Fulton (they/them)
University of Maryland
"Understanding and Improving Secure Development from a Human-Centered Perspective"
Friday January 13, 2023 10:00 AM
Location: 3211, EB2 NCSU Centennial Campus
(Visitor parking instructions)
In this talk, I will highlight how and why developers introduce vulnerabilities, as well as why current secure tooling, interventions, and organizational processes fail developers and security professionals and how we can improve them. First, I will discuss why and how developers introduced, found, and fixed different types of vulnerabilities, empirically uncovering an overwhelming need for investment in tooling or processes that can uncover and correct conceptual misunderstandings of security concepts. Then, I will present two studies exploring current issues with secure tooling and security communities through the use of interviews and a survey. Going forward, I plan to study the security assumptions developers make in order to improve security tooling, processes, and resources.
Host: Will Enck, CSC