Henrik Plate

Latest

• The Used, the Bloated, and the Vulnerable: Reducing the Attack Surface of an Industrial Application
• LastPyMile: Identifying the Discrepancy between Sources and Packages
• Towards Using Source Code Repositories to Identify Software Supply Chain Attacks
• Vuln4Real: A methodology for counting actually vulnerable dependencies
• Typosquatting and combosquatting attacks on the python ecosystem
• Detection, assessment and mitigation of vulnerabilities in open source dependencies
• A Manually-Curated Dataset of Fixes to Vulnerabilities of Open-Source Software
• Beyond Metadata: Code-centric and Usage-based Analysis of Known Vulnerabilities in Open-source Software
• Vulnerable Open Source Dependencies: Counting Those That Matter
• Impact Assessment for Vulnerabilities in Open-Source Software Libraries