- document
-
de Smale, S. (author), van Dijk, Rik (author), Bouwman, X.B. (author), van der Ham, Jeroen (author), van Eeten, M.J.G. (author)The number of published software vulnerabilities is increasing every year. How do organizations stay in control of their attack surface despite their limited staff resources? Prior work has analyzed the overall software vulnerability ecosystem as well as patching processes within organizations, but not how these two are connected. We investigate...conference paper 2023
- document
-
Bouwman, X.B. (author), Le Pochat, Victor (author), Foremski, Pawel (author), Van Goethem, Tom (author), Hernandez Ganan, C. (author), Moura, Giovane C.M. (author), Tajalizadehkhoob, Samaneh (author), Joosen, Wouter (author), van Eeten, M.J.G. (author)We tracked the largest volunteer security information sharing community known to date: the COVID-19 Cyber Threat Coalition, with over 4,000 members. This enabled us to address long-standing questions on threat information sharing. First, does collaboration at scale lead to better coverage? And second, does making threat data freely available...conference paper 2022
- document
-
Bouwman, X.B. (author), Griffioen, Harm (author), Egbers, Jelle (author), Doerr, Christian (author), Klievink, Bram (author), van Eeten, M.J.G. (author)Commercial threat intelligence is thought to provide unmatched coverage on attacker behavior, but it is out of reach for many organizations due to its hefty price tag. This paper presents the first empirical assessment of the services of commercial threat intelligence providers. For two leading vendors, we describe what these services consist of...conference paper 2020