An investigation of security conversations in stack overflow

Tamara Lopez, Thein T. Tun, Arosha Bandara, Mark Levine, Bashar Nuseibeh, Helen Sharp
2018 Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment - SEAD '18  
Developers turn to Stack Overflow and other on-line sources to find solutions to security problems, but little is known about how they engage with and guide one another in these environments or the perceptions of software security this may encourage. This study joins recent calls to understand more about how developers use Internet sources to solve security problems. Using qualitative methods, a set of questions within the security channel of Stack Overflow were selected and examined for
more » ... Preliminary findings reveal more about this community of practitioners: who are the askers and commenters, how security questions are asked and how developers frame technical information using social and experience-based perceptions of security. CCS CONCEPTS • Security and privacy → Software security engineering; • Software and its engineering → Collaboration in software development; KEYWORDS secure software development, collaborative environments, empirical studies
doi:10.1145/3194707.3194713 dblp:conf/icse/LopezTBLNS18 fatcat:rg6fupajznfjnpmc7gqt5szwmy