I'll be giving a talk about the uniqueness and prevalence of AI/ML vulnerabilities in OSS :) can't wait!

Presenting our work on OSS vulnerability management practices, challenges, and barriers to platform security feature adoption tomorrow morning @USENIXSecurity :) come say hi! #usesec25

https://t.co/fREf3kxi2o

@IEEESSP

A delayed flight later, I finally made it to @IEEESSP :D I'll be presenting our (1) full paper on OSS maintainer experiences with bug bounties during the Software Supply Chain Security session; and (2) early results of AI/ML OSS vulnerabilities in the poster session. Come say hi!

Today on our Speaker 📣 Spotlight 💡 we're highlighting @MrAyala0 who will be presenting LLMs as Bug Hunters: Leveraging LLMs to Discover Python Vulnerabilities. Join us April 12 either in-person or virtually to watch. Get your tickets below 👇

Finally got around to creating a baseline personal homepage for bio, publications, and updates :) Check it out here!

Congratulations to ICS researchers Steven Ngo, Jessy Ayala and Joshua Garcia for receiving a top award as one of six winners of the DARPA’s Building an Adaptive and Competitive Workforce track through the Tools Competition! Read: https://t.co/D6A9jOs5PN #UCIICS

Come say hi! Let's talk OSS security and OSS metrics that could be used to measure or reveal security implications 😎

@openssf Special shout out to my lab mates @yujyet @stevenkngo at @UCIbrenICS coming in clutch and helping prepare top-tier worthy security + software engineering papers to raise awareness for the OSS security community :)

Attending and speaking at @openssf #SOSSFusion on Wednesday at 12:05ET in Salon 1. Come by to learn more about #OSSSecurity practices of various OSS stakeholders and what we can do to help alleviate heavy duty tasks 😀

Catch me at @USENIXSecurity this week in Philadelphia. I'll be presenting some ongoing work tonight regarding the surprising underuse of OSS security features in previously vulnerable projects 👀

@IEEESSP Looking forward to learning more about current work in supply chain security, human factors, LLMs, and real-world investigations!

Catch me at @IEEESSP this week in San Francisco. I'll be presenting some ongoing work tonight regarding OSS vulnerability disclosure practices 🥷

Excited to see our White Paper available today :) it's been awesome to be a part of the IEEE P3164 Security Annotation for Electronic Design Integration Working Group for this project!

See you there! :) @UCIbrenICS

Catch me at the poster session for some fun OSS security + supply chain directions, tonight at 6:30 😀 @USENIXSecurity @github

Come say hi and bug me during the student informal or after the presentation 😎

Catch me at @USENIXSecurity this week in Anaheim. I'll be presenting some ongoing work in OSS security at the poster session & giving a lightning talk on some interesting OSS statistics 🤩

@ts0nn @DLR_de @onyame 4/n @MrAyala0 is presenting the work on "An Empirical Study on Workflows and Security Policies in Popular GitHub Repositories". #svm2023