Write a Blog >>
TechDebt 2020
Sun 28 - Tue 30 June 2020
co-located with ICSE 2020
Sun 28 Jun 2020 15:30 - 16:15 at TechDebt - Keynote 1 Chair(s): Matthias Galster

While engineers are increasingly aware of security requirements, in many organizations security remains the responsibility of “those security people” and is not tightly integrated into the development cycle. Productivity and feature goals can result in engineers focusing on deployment rather than on fixing non-critical security issues or on building security into a product, resulting in an increase of security technical debt. Attackers eagerly exploit the vulnerabilities lying in the security technical debt pile. Organizations can benefit from risk-based practices for shrinking this debt. This talk will present two research projects in which risk is being used to prioritize security mitigations. The first project is focused on reducing secrets and credentials that have been checked into a code base. The second project relates to the prioritization of patching the continuous onslaught of vulnerable components and libraries that comprise a product.

Sun 28 Jun
Times are displayed in time zone: (UTC) Coordinated Universal Time change

15:30 - 16:15: TechDebt 2020 - Keynote 1 at TechDebt
Chair(s): Matthias GalsterUniversity of Canterbury

The keynote includes a 30 minute talk followed by a 15 minute Q&A.

TechDebt-2020-papers15:30 - 16:15
Laurie WilliamsNorth Carolina State University