1. Unhelpful Assumptions in Software Security Research;Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security;2023-11-15

2. Security Champions Without Support: Results from a Case Study with OWASP SAMM in a Large-Scale E-Commerce Enterprise;Proceedings of the 2023 European Symposium on Usable Security;2023-10-16

3. The State of Secure Coding Practice: Small Organisations and “Lone, Rogue Coders”;2023 IEEE/ACM 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS);2023-05

4. Do Software Security Practices Yield Fewer Vulnerabilities?;2023 IEEE/ACM 45th International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP);2023-05

5. Measuring Secure Coding Practice and Culture: A Finger Pointing at the Moon is not the Moon;2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE);2023-05