"I wasn't sure if this is indeed a security risk": Data-driven Understanding of Security Issue Reporting in GitHub Repositories of Open Source npm Packages

Name: "I wasn't sure if this is indeed a security risk": Data-driven Understanding of Security Issue Reporting in GitHub Repositories of Open Source npm Packages
Duration: 15 min
Description: Talk from 34th USENIX Security Symposium (USENIX Security '25).

Rajdeep Ghosh

34th USENIX Security Symposium (USENIX Security '25) · Day 2 · Usable Privacy and Security 2: Software and Experts