Hi, my name is Daniel Votipka. I’m a researcher in the University of Maryland’s Computer Science Department. Dr. Michelle Mazurek and I are conducting an interview study examining how software testers and white-hat hackers look for security vulnerabilities. I wanted to reach out to you and see if anyone might be interested in participating.
For this study, we will conduct interviews asking about how you perform software vulnerability discovery tasks and how you have developed the necessary skills in this area. Further details about the study can be found at vulnstudy.cs.umd.edu.
The goal of our research is to understand how software testers and white-hat hackers think about and perform vulnerability discovery. We want to compare the groups, determine what strengths they bring to the table, and identify any challenges they face. Using our results, we will then develop improved training, tools, and policies that will help both groups perform this task better and in turn improve overall software security.
To be eligible for the study, the following requirements must be met:
- Participants must have professional experience in software testing.
- Participants must be 18 years or older.
Participation in this study will involve one 60-minute interview (in-person or video conference), and you will receive a $25 gift card for your time.
To be considered for participation, anyone can sign up at https://umdsurvey.umd.edu/SE/?SID=SV_6z1ggXnQrBV7rnf&p=10 and complete a short (<5 min) demographic survey.
If you have any questions, comments, or concerns or you would just like to hear more about the research we’re doing, I’d be happy to talk further with you, so feel free to respond to this topic or email me at firstname.lastname@example.org.