Abstract is missing.
- Panel: Building a Business around Secure DevelopmentNadia Carlsten, Reed Sturtevant, Chris Wysopal, Andreas Kuehlmann, Robert Cunningham. [doi]
- Hands-On Tutorial: Auditing Static Analysis Alerts Using a Lexicon & RulesLori Flynn, David Svoboda, William Snavely. 1-2 [doi]
- Automated Assessment Tools and the Software Assurance Marketplace (SWAMP)James A. Kupsch. 3 [doi]
- Input Handling Done Right: Building Hardened Parsers Using Language-Theoretic SecurityPrashant Anantharaman, Michael C. Millian, Sergey Bratus, Meredith L. Patterson. 4-5 [doi]
- Java Deserialization Vulnerabilities and MitigationsRobert C. Seacord. 6-7 [doi]
- Angr - The Next Generation of Binary AnalysisFish Wang, Yan Shoshitaishvili. 8-9 [doi]
- A Machine Learning Approach to SDLRaghudeep Kannavara, Gilad Gressel, Damilare Fagbemi, Richard Chow. 10-15 [doi]
- Improving Attention to Security in Software Design with Analytics and Cognitive TechniquesJim Whitmore, William Tobin. 16-21 [doi]
- Developers Need Support, Too: A Survey of Security Advice for Software DevelopersYasemin Acar, Christian Stransky, Dominik Wermke, Charles Weir, Michelle L. Mazurek, Sascha Fahl. 22-26 [doi]
- A Software Solution for Hardware VulnerabilitiesKomail Dharsee, Ethan Johnson, John Criswell. 27-33 [doi]
- ASLR: How Robust Is the Randomness?Jonathan Ganz, Sean Peisert. 34-41 [doi]
- Layering Security at Global Control Points to Secure Unmodified SoftwareScott Ruoti, Kent E. Seamons, Daniel Zappala. 42-49 [doi]
- Empirical Studies on the Security and Usability Impact of ImmutabilitySam Weber, Michael J. Coblenz, Brad A. Myers, Jonathan Aldrich, Joshua Sunshine. 50-53 [doi]
- Securing Dataverse with an Adapted Command Design PatternGustavo Durand, Michael Bar-Sinai, Mercè Crosas. 54-60 [doi]
- Program Analysis of Cryptographic Implementations for SecuritySazzadur Rahaman, Danfeng Yao. 61-68 [doi]
- FaCT: A Flexible, Constant-Time Programming LanguageSunjay Cauligi, Gary Soeller, Fraser Brown, Brian Johannesmeyer, Yunlu Huang, Ranjit Jhala, Deian Stefan. 69-76 [doi]
- Something Is Better Than Everything: A Distributed Approach to Audit Log Anomaly DetectionIsis Rose, Nicholas Felts, Alexander George, Emily Miller, Max Planck. 77-82 [doi]
- Evaluation of Software Vulnerabilities in Vehicle Electronic Control UnitsJesse Edwards, Ameer Kashani, Gopalakrishnan Iyer. 83-84 [doi]
- Creating Abuse Cases Based on Attack Patterns: A User StudyImano Williams, Xiaohong Yuan. 85-86 [doi]