Proceedings of the Conference on The Future of Software Engineering
Writing Secure Code
Security attribute evaluation method: a cost-benefit approach
Proceedings of the 24th International Conference on Software Engineering
Risk Analysis in Software Design
IEEE Security and Privacy
Evaluating information security investments using the analytic hierarchy process
Communications of the ACM - Medical image modeling
Value-Based Software Engineering
Value-Based Software Engineering
Improving CVSS-based vulnerability prioritization and response with context information
ESEM '09 Proceedings of the 2009 3rd International Symposium on Empirical Software Engineering and Measurement
Quantifying security risk level from CVSS estimates of frequency and impact
Journal of Systems and Software
As the use of third-party Commercial-Off-The-Shelf (COTS) and open source software continues to increase [2], COTS security has become a major concern for many organizations whose daily business relies extensively on a healthy IT infrastructure. Yet, according to the 2006 CSI/FBI computer criminal survey, 47% of the surveyed organizations spent no more than 2% of their IT budget on security. With limited IT resources and fast-changing Internet threats, the ability to prioritize security vulnerabilities and address them efficiently has become a critical success factor for every security manager.