The Most Addictive Python and SQL Courses
Build AI Apps with Azure, Copilot, and Generative AI — Microsoft Certified
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a research presentation examining how developers use Software Composition Analysis (SCA) tools and the challenges they face in managing vulnerability alerts. Learn about findings from 20 developer interviews that reveal how SCA tools are integrated into build pipelines and workflows, how vulnerability reports are interpreted and acted upon, and the key obstacles encountered in practice. Discover why developers struggle with the overwhelming number of vulnerability alerts and find that SCA tool information is often too generic, lacking crucial context about infrastructure, network configurations, reachability, and exploitability. Understand the research conclusions emphasizing that context is essential throughout the SCA process, including for impact evaluation, determining when to trigger SCA scans, and effectively integrating and communicating tool findings to improve software security practices.
Syllabus
USENIX Security '25 - Context Matters: Qualitative Insights into Developers' Approaches and...
Taught by
USENIX