[Invitation] Survey about vulnerability remediation processes

Noura Alomar nnalomar at berkeley.edu
Wed Sep 7 20:04:54 EDT 2022


I hope my email finds you well.

I am a computer security researcher from the Berkeley Laboratory for Usable
and Experimental Security (BLUES). I am conducting with other researchers
from Berkeley a study to understand vulnerability remediation practices.
Our research seeks to answer the following: 1) what processes do
organizations follow to remediate security vulnerabilities?, 2) how
effective and efficient are these processes?, 3) what challenges do
engineers and organizations face when remediating security
vulnerabilities?, and 4) what kind of improvements can be done to improve
how discovered vulnerabilities are handled?.

To that end, I am writing to invite you to participate in our anonymous
survey which is available at:


The survey is expected to take from 15 to 20 minutes. We are not collecting
any personally identifiable information through the survey. As a token of
our appreciation, each participant will be offered to be entered into a
drawing for five $100 Amazon gift cards (optional).

We would really appreciate your participation in our survey. If you could
share it with people you know who are involved in vulnerability
remediation, that would be very much appreciated as well.

Thank you,


More information about the security mailing list