{"id":"https://openalex.org/W4414420442","doi":"https://doi.org/10.1145/3731806.3731851","title":"An Empirical Exploration of Cybersecurity Threats and Mitigation Strategies in Software Testing","display_name":"An Empirical Exploration of Cybersecurity Threats and Mitigation Strategies in Software Testing","publication_year":2025,"publication_date":"2025-02-20","ids":{"openalex":"https://openalex.org/W4414420442","doi":"https://doi.org/10.1145/3731806.3731851"},"language":"en","primary_location":{"id":"doi:10.1145/3731806.3731851","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3731806.3731851","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3731806.3731851","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 14th International Conference on Software and Computer Applications","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3731806.3731851","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5023984654","display_name":"Hussein Al Hashimi","orcid":"https://orcid.org/0000-0003-2148-8095"},"institutions":[{"id":"https://openalex.org/I28022161","display_name":"King Saud University","ror":"https://ror.org/02f81g417","country_code":"SA","type":"education","lineage":["https://openalex.org/I28022161"]}],"countries":["SA"],"is_corresponding":true,"raw_author_name":"Hussein Ali Al Hashimi","raw_affiliation_strings":["Department of Software Engineering, College of Computer and Information Sciences at King Saud University, Riyadh, Saudi Arabia"],"raw_orcid":"https://orcid.org/0000-0003-2148-8095","affiliations":[{"raw_affiliation_string":"Department of Software Engineering, College of Computer and Information Sciences at King Saud University, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I28022161"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5023984654"],"corresponding_institution_ids":["https://openalex.org/I28022161"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.36590963,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"96","last_page":"106"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5874000191688538},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.5738999843597412},{"id":"https://openalex.org/keywords/mindset","display_name":"Mindset","score":0.46810001134872437},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.46149998903274536},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.44110000133514404},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.42340001463890076},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.41760000586509705},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.41200000047683716},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.396699994802475},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.3910999894142151}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.684499979019165},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5874000191688538},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.5738999843597412},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.4950000047683716},{"id":"https://openalex.org/C2778491294","wikidata":"https://www.wikidata.org/wiki/Q1339824","display_name":"Mindset","level":2,"score":0.46810001134872437},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.46149998903274536},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.44110000133514404},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.42340001463890076},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.41760000586509705},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.41200000047683716},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.396699994802475},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.3910999894142151},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.37880000472068787},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.3596999943256378},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.3538999855518341},{"id":"https://openalex.org/C2778652015","wikidata":"https://www.wikidata.org/wiki/Q7445019","display_name":"Security awareness","level":3,"score":0.33340001106262207},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.32899999618530273},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.3240000009536743},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.32199999690055847},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.32199999690055847},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3163999915122986},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.31139999628067017},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.3082999885082245},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.30559998750686646},{"id":"https://openalex.org/C111524372","wikidata":"https://www.wikidata.org/wiki/Q7663718","display_name":"System integration testing","level":5,"score":0.30059999227523804},{"id":"https://openalex.org/C74579156","wikidata":"https://www.wikidata.org/wiki/Q7554342","display_name":"Software peer review","level":5,"score":0.29910001158714294},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.2948000133037567},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2879999876022339},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.2815000116825104},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.27790001034736633},{"id":"https://openalex.org/C117447612","wikidata":"https://www.wikidata.org/wiki/Q1412670","display_name":"Software quality","level":4,"score":0.2750000059604645},{"id":"https://openalex.org/C188598960","wikidata":"https://www.wikidata.org/wiki/Q7705805","display_name":"Test strategy","level":3,"score":0.26980000734329224},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.26759999990463257},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.2630999982357025},{"id":"https://openalex.org/C2778143579","wikidata":"https://www.wikidata.org/wiki/Q831801","display_name":"Business continuity","level":2,"score":0.2572999894618988},{"id":"https://openalex.org/C120936955","wikidata":"https://www.wikidata.org/wiki/Q2155640","display_name":"Empirical research","level":2,"score":0.2556999921798706}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3731806.3731851","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3731806.3731851","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3731806.3731851","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 14th International Conference on Software and Computer Applications","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3731806.3731851","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3731806.3731851","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3731806.3731851","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 14th International Conference on Software and Computer Applications","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4414420442.pdf","grobid_xml":"https://content.openalex.org/works/W4414420442.grobid-xml"},"referenced_works_count":16,"referenced_works":["https://openalex.org/W109452506","https://openalex.org/W1936022305","https://openalex.org/W2056738644","https://openalex.org/W2089641512","https://openalex.org/W2529133275","https://openalex.org/W2888824816","https://openalex.org/W2982138961","https://openalex.org/W4288363128","https://openalex.org/W4313472297","https://openalex.org/W4313585784","https://openalex.org/W4320919492","https://openalex.org/W4320922001","https://openalex.org/W4385570371","https://openalex.org/W4385734111","https://openalex.org/W4391850264","https://openalex.org/W4401015256"],"related_works":[],"abstract_inverted_index":{"Software":[0],"testing":[1,116,137,163,211,240],"is":[2,127,216],"a":[3,90,99,129,168,204],"fundamental":[4],"process":[5],"of":[6,15,46,92,104,111,124,131,150,161,196,224,236,254],"software":[7,17,33,181,226,239,283],"development":[8,209,227],"since":[9],"it":[10],"ensures":[11],"the":[12,16,29,44,108,115,122,147,159,194,225,233,251,257,272],"superior":[13],"quality":[14],"products":[18],"developed":[19],"and":[20,27,41,59,74,107,158,193,210,241,275],"that":[21,52,214],"they":[22],"are":[23],"delivered":[24],"without":[25],"defects":[26],"with":[28,77,86,271],"required":[30],"functionality.":[31,62],"As":[32],"applications":[34,284],"become":[35],"increasingly":[36],"integral":[37,222],"to":[38,134,176,202,250,263,277],"business":[39],"operations":[40],"everyday":[42],"life,":[43],"proliferation":[45],"cyber":[47],"threats":[48,51,106,280],"poses":[49],"significant":[50],"can":[53],"compromise":[54],"data":[55,82],"integrity,":[56],"user":[57],"privacy,":[58],"overall":[60],"system":[61],"This":[63,165,199],"study":[64],"investigates":[65],"common":[66],"cybersecurity":[67,105,178,237,279],"threats,":[68],"including":[69,153],"SQL":[70],"injection,":[71],"cross-site":[72],"scripting,":[73],"vulnerabilities":[75],"associated":[76],"third-party":[78],"libraries,":[79],"by":[80,170,268],"analyzing":[81],"collected":[83],"from":[84],"surveys":[85],"industry":[87],"professionals":[88],"alongside":[89,138],"review":[91],"existing":[93],"literature.":[94],"The":[95,141,259],"study's":[96],"findings":[97],"reveal":[98],"critical":[100],"gap":[101],"between":[102],"awareness":[103],"effective":[109],"implementation":[110],"security":[112,136,151,191,206,215],"practices":[113,185],"within":[114],"lifecycle.":[117,228],"While":[118],"many":[119],"organizations":[120,270],"recognize":[121],"importance":[123],"cybersecurity,":[125],"there":[126],"often":[128],"lack":[130],"structured":[132],"methodologies":[133],"incorporate":[135],"functional":[139],"testing.":[140],"paper":[142,166,260],"identifies":[143],"key":[144],"factors":[145],"influencing":[146],"successful":[148],"integration":[149],"measures,":[152],"organizational":[154],"culture,":[155],"resource":[156],"allocation,":[157],"use":[160],"automated":[162],"tools.":[164],"proposes":[167],"framework":[169,200],"using":[171],"an":[172,218,221],"online":[173],"questionnaire":[174],"survey":[175],"enhance":[177],"resilience":[179],"during":[180],"testing,":[182],"emphasizing":[183],"best":[184],"such":[186],"as":[187],"threat":[188],"modeling,":[189],"continuous":[190],"integration,":[192],"adoption":[195],"DevSecOps":[197],"methodologies.":[198],"aims":[201,262],"foster":[203],"proactive":[205],"mindset":[207],"among":[208],"teams,":[212],"ensuring":[213],"not":[217],"afterthought":[219],"but":[220],"component":[223],"By":[229],"shedding":[230],"light":[231],"on":[232],"current":[234],"state":[235],"in":[238,256,281],"offering":[242],"actionable":[243],"insights":[244],"for":[245],"practitioners,":[246],"this":[247],"research":[248],"contributes":[249],"growing":[252],"body":[253],"knowledge":[255],"field.":[258],"ultimately":[261],"promote":[264],"safer":[265],"digital":[266],"environments":[267],"equipping":[269],"necessary":[273],"tools":[274],"strategies":[276],"mitigate":[278],"their":[282],"effectively.":[285]},"counts_by_year":[],"updated_date":"2026-03-08T06:56:09.383167","created_date":"2025-10-10T00:00:00"}