Understanding the Heterogeneity of Contributors in Bug Bounty Programs
Background: While bug bounty programs are not new in software development, an
increasing number of companies, as well as open source projects, rely on
external parties to perform the security assessment of their software for
reward. However, there is relatively little empirical knowledge about the
characteristics of bug bounty program contributors. Aim: This paper aims to
understand those contributors by highlighting the heterogeneity among them.
Method: We analyzed the histories of 82 bug bounty programs and 2,504 distinct
bug bounty contributors, and conducted a quantitative and qualitative survey.
Results: We found that there are project-specific and non-specific contributors
who have different motivations for contributing to the products and
organizations. Conclusions: Our findings provide insights to make bug bounty
programs better and for further studies of new software development roles.
Comment: 6 pages, ESEM 201
Crisis Analytics: Big Data Driven Crisis Response
Disasters have long been a scourge for humanity. With the advances in
technology (in terms of computing, communications, and the ability to process
and analyze big data), our ability to respond to disasters is at an inflection
point. There is great optimism that big data tools can be leveraged to process
the large amounts of crisis-related data (in the form of user generated data in
addition to the traditional humanitarian data) to provide an insight into the
fast-changing situation and help drive an effective disaster response. This
article introduces the history and the future of big crisis data analytics,
along with a discussion on its promise, challenges, and pitfalls