Visible to the public A Bird's Eye View of Knowledge Needs Related to Penetration TestingConflict Detection Enabled

ABSTRACT

According to the National Institute of Standards and Technology (NIST), penetration testing is an assessment conducted on software systems to identify vulnerabilities that could be exploited by adversaries 1 . Despite the importance of penetration testing in software security, practitioners search for strategies and guidance on how to get started in the domain of penetration testing. We hypothesize that practitioners have knowledge needs related to penetration testing, which can be synthesized using penetration testing-related questions posted on questions and answer (Q&A) websites. A systematic investigation can identify the knowledge needs of practitioners related to penetration testing, helping the cyber-security community in advancing the field of cyber-security education. The goal of this paper is to help cyber-security researchers in advancing the field of cyber-security education by analyzing penetration testing-related questions posted by practitioners.

BIO

Akond Rahman is a PhD candidate at North Carolina State University. His research interests include DevOps, Software Security, and Applied Software Analytics. He graduated with an M.Sc. in Computer Science and Engineering from University of Connecticut and a B.Sc. in Computer Science and Engineering from Bangladesh University of Engineering and Technology. He won the Microsoft Open Source Challenge Award in 2016 and the ACM SIGSOFT Doctoral Symposium Award in 2018. During his PhD tenure he has collaborated with practitioners from companies such as, ABB, IBM, and RedHat. To know more about his work visit https://akondrahman.github.io/

License: 
Creative Commons 2.5
Preview: Preview | Thumbnail | Medium | Image

Other available formats:     

A Bird's Eye View of Knowledge Needs Related to Penetration Testing