Setu Basak

Co-authored papers

2023

• A Comparative Study of Software Secrets Reporting by Secret Detection Tools

  ACM/IEEE International Symposium on Empirical Software Engineering and Measurement

  Setu Basak, Jameson Cox, Bradley Reaves, and Laurie Williams

  DOI PDF

  Benchmarks run on nine secret detection tools show that no tool dominates both precision and recall, with errors traced to generic regexes and incomplete rulesets.

2022

• What are the practices for secret management in software artifacts?

  Proceedings of the IEEE Secure Development Conference

  Setu Basak, Lorenzo Neil, Bradley Reaves, and Laurie Williams

  PDF

  A grey literature review distills 24 secret management practices into six categories, finding that local environment variables and external secret management services are the most widely recommended mitigations.