Quantifying developers' adoption of security tools
J Witschey, O Zielinska, A Welk, E Murphy-Hill… - Proceedings of the …, 2015 - dl.acm.org
J Witschey, O Zielinska, A Welk, E Murphy-Hill, C Mayhorn, T Zimmermann
Proceedings of the 2015 10th Joint Meeting on Foundations of Software …, 2015•dl.acm.orgSecurity tools could help developers find critical vulnerabilities, yet such tools remain
underused. We surveyed developers from 14 companies and 5 mailing lists about their
reasons for using and not using security tools. The resulting thirty-nine predictors of security
tool use provide both expected and unexpected insights. As we expected, developers who
perceive security to be important are more likely to use security tools than those who do not.
But that was not the strongest predictor of security tool use, it was instead developers' ability …
underused. We surveyed developers from 14 companies and 5 mailing lists about their
reasons for using and not using security tools. The resulting thirty-nine predictors of security
tool use provide both expected and unexpected insights. As we expected, developers who
perceive security to be important are more likely to use security tools than those who do not.
But that was not the strongest predictor of security tool use, it was instead developers' ability …
Security tools could help developers find critical vulnerabilities, yet such tools remain underused. We surveyed developers from 14 companies and 5 mailing lists about their reasons for using and not using security tools. The resulting thirty-nine predictors of security tool use provide both expected and unexpected insights. As we expected, developers who perceive security to be important are more likely to use security tools than those who do not. But that was not the strongest predictor of security tool use, it was instead developers' ability to observe their peers using security tools.