,
Efficiency of vulnerability disclosure mechanisms to disseminate vulnerability knowledge, IEEE TSE, 2007. ,
Mailbox Names for Common Services, Roles and Functions. RFC 2142, Internet Engineering Task Force, 1997. ,
On the impact of security vulnerabilities in the npm package dependency network, 2018. ,
,
A method for web security policies, 2018. ,
,
GitHub: Open source survey ,
HackerOne: Vulnerability disclosure policy basics: 5 critical components ,
Do developers update their library dependencies?, 2018. ,
How good are the specs? A study of the bug-finding effectiveness of existing Java API specifications, 2016. ,
Understanding web browsing behaviors through Weibull analysis of dwell time, 2010. ,
Can automated pull requests encourage software developers to upgrade out-of-date dependencies, 2017. ,
Curating GitHub for engineered software projects, 2017. ,
Libraries.io open source repository and dependency metadata, 2017. ,
, OWASP Foundation: Top ten security risks, NIST: National vulnerability database, vol.23, 2017.
Rapid7: NIST cyber framework updated with coordinated vuln disclosure processes, Open source vulnerabilities tripped Equifax, 2017. ,
bounty-targets-data, 2018. ,
The unfortunate reality of insecure libraries ,