Software Security Professionals: Expertise Indicators

In crowd-sourcing, selecting the person with suitable expertise is very important; especially since the task requester is not always in direct contact with the worker. Recently, this has become increasingly important particularly when the crowd-sourced tasks are complex and require skillful workers...

Full description

Saved in:
Bibliographic Details
Published in2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC) pp. 139 - 148
Main Authors Al-Banna, Mortada, Benatallah, Boualem, Barukh, Moshe Chai
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.11.2016
Subjects
Blogs
Certification
Crowd-sourcing
Expertise
Interviews
Organizations
Recruitment
Security
Security professionals
Software
Vulnerability discovery
Online AccessGet full text

Cover

More Information
Summary:In crowd-sourcing, selecting the person with suitable expertise is very important; especially since the task requester is not always in direct contact with the worker. Recently, this has become increasingly important particularly when the crowd-sourced tasks are complex and require skillful workers (e.g. software development, software testing, vulnerability discovery, and open innovation). In this paper, we aim to identify indicators to determine the expertise of security professionals in a crowd-sourcing vulnerability discovery platform. We review literature and online contents, conduct interviews with domain experts, and survey security professionals involved in the task of vulnerability discovery. We discuss the indicators we have found, and we provide some recommendations to help improve the process of selecting security professionals to perform crowd tasks related to vulnerability discovery.
DOI:10.1109/CIC.2016.030