@inproceedings{62738,
  abstract     = {{Vulnerability disclosures are necessary to improve the security of our digital ecosystem. However, they can also be challenging for researchers: it may be hard to find out who the affected parties even are, or how to contact them. Researchers may be ignored or face adversity when disclosing vulnerabilities. We investigate researchers' experiences with vulnerability disclosures, extract best practices, and make recommendations for researchers, institutions that employ them, industry, and regulators to enable effective vulnerability disclosures.}},
  author       = {{Sri Ramulu, Harshini and Rotthaler, Anna Lena and Rossel, Jost and Gonzalez Rodriguez, Rachel and Wermke, Dominik and Fahl, Sascha and Kohno, Tadayoshi and Somorovsky, Juraj and Acar, Yasemin}},
  booktitle    = {{Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security}},
  keywords     = {{software vulnerabilities, vulnerability disclosure, security research}},
  publisher    = {{ACM}},
  title        = {{{Poster: Computer Security Researchers' Experiences with Vulnerability Disclosures}}},
  doi          = {{10.1145/3719027.3760723}},
  year         = {{2025}},
}

@article{45984,
  author       = {{Kaur, Mannat and Sri Ramulu, Harshini and Acar, Yasemin and Fiebig, Tobias}},
  journal      = {{Proc. ACM Hum. Comput. Interact.}},
  number       = {{CSCW1}},
  pages        = {{1–38}},
  title        = {{{"Oh yes! over-preparing for meetings is my jam :)": The Gendered Experiences of System Administrators}}},
  doi          = {{10.1145/3579617}},
  volume       = {{7}},
  year         = {{2023}},
}

@inproceedings{47304,
  author       = {{Wermke, Dominik and Klemmer, Jan H. and Wöhler, Noah and Schmüser, Juliane and Sri Ramulu, Harshini and Acar, Yasemin and Fahl, Sascha}},
  booktitle    = {{44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023}},
  pages        = {{1545–1560}},
  publisher    = {{IEEE}},
  title        = {{{"Always Contribute Back": A Qualitative Study on Security Challenges of the Open Source Supply Chain}}},
  doi          = {{10.1109/SP46215.2023.10179378}},
  year         = {{2023}},
}

@inproceedings{47312,
  author       = {{Neil, Lorenzo and Sri Ramulu, Harshini and Acar, Yasemin and Reaves, Bradley}},
  booktitle    = {{Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023}},
  pages        = {{283–299}},
  publisher    = {{USENIX Association}},
  title        = {{{Who Comes Up with this Stuff? Interviewing Authors to Understand How They Produce Security Advice}}},
  year         = {{2023}},
}

@inproceedings{53366,
  author       = {{Tran, Mindy and Munyendo, Collins W and Sri Ramulu, Harshini and Rodriguez, Rachel Gonzalez and Schnell, Luisa Ball and Sula, Cora and Simko, Lucy and Acar, Yasemin}},
  booktitle    = {{2024 IEEE Symposium on Security and Privacy (SP)}},
  pages        = {{4–4}},
  title        = {{{Security, Privacy, and Data-sharing Trade-offs When Moving to the United States: Insights from a Qualitative Study}}},
  year         = {{2023}},
}

@article{53352,
  author       = {{Simko, Lucy and Sri Ramulu, Harshini and Kohno, Tadayoshi and Acar, Yasemin}},
  journal      = {{Proc. ACM Hum. Comput. Interact.}},
  number       = {{CSCW2}},
  pages        = {{1–54}},
  title        = {{{The Use and Non-Use of Technology During Hurricanes}}},
  doi          = {{10.1145/3610215}},
  volume       = {{7}},
  year         = {{2023}},
}