1. Comparing the Usability of Cryptographic APIs

2. You Get Where You're Looking for: The Impact of Information Sources on Code Security

3. Nikolaos Alexopoulos , Manuel Brack , Jan Philipp Wagner , Tim Grube , and Max Mühlhäuser . 2022 . How Long Do Vulnerabilities Live in the Code? A {Large-Scale} Empirical Measurement Study on {FOSS} Vulnerability Lifetimes . In 31st USENIX Security Symposium (USENIX Security 22) . 359--376. Nikolaos Alexopoulos, Manuel Brack, Jan Philipp Wagner, Tim Grube, and Max Mühlhäuser. 2022. How Long Do Vulnerabilities Live in the Code? A {Large-Scale} Empirical Measurement Study on {FOSS} Vulnerability Lifetimes. In 31st USENIX Security Symposium (USENIX Security 22). 359--376.

4. Noura Alomar , Primal Wijesekera , Edward Qiu , and Serge Egelman . 2020 . " You've got your nice list of bugs, now what?" vulnerability discovery and management processes in the wild . In Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020). 319--339. Noura Alomar, Primal Wijesekera, Edward Qiu, and Serge Egelman. 2020. "You've got your nice list of bugs, now what?" vulnerability discovery and management processes in the wild. In Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020). 319--339.

5. Nuno Antunes and Marco Vieira. 2009. Comparing the effectiveness of penetration testing and static code analysis on the detection of sql injection vulnerabilities in web services. In 2009 15th IEEE pacific rim international symposium on dependable computing. IEEE 301--306. Nuno Antunes and Marco Vieira. 2009. Comparing the effectiveness of penetration testing and static code analysis on the detection of sql injection vulnerabilities in web services. In 2009 15th IEEE pacific rim international symposium on dependable computing. IEEE 301--306.