Is this your profile?
Claim your Citation Index profile in order to display more information about you and gain access to Libraries services. Just create or connect your ORCID iD.
2023 article
Do Software Security Practices Yield Fewer Vulnerabilities?
2023 IEEE/ACM 45TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: SOFTWARE ENGINEERING IN PRACTICE, ICSE-SEIP, pp. 292–303.
2023 article
Software Supply Chain Risk Assessment Framework
2023 IEEE/ACM 45TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS, ICSE-COMPANION, pp. 251–255.
2022 journal article
Do I really need all this work to find vulnerabilities? An empirical case study comparing vulnerability detection techniques on a Java application
EMPIRICAL SOFTWARE ENGINEERING, 27(6).
2022 article
What are Weak Links in the npm Supply Chain?
2022 ACM/IEEE 44TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: SOFTWARE ENGINEERING IN PRACTICE (ICSE-SEIP 2022), pp. 331–340.
2021 article
Structuring a Comprehensive Software Security Course Around the OWASP Application Security Verification Standard
2021 IEEE/ACM 43RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: JOINT TRACK ON SOFTWARE ENGINEERING EDUCATION AND TRAINING (ICSE-JSEET 2021), pp. 95–104.