"Software Flaws Often First Reported on Social Media Networks, PNNL Researchers Find"
According to a study conducted by researchers at the U.S. Department of Energy's Pacific Northwest National Laboratory (PNNL), software vulnerabilities are more likely to be discussed on social media sites such as GitHub, Twitter, and Reddit before they appear in the National Vulnerability Database, which poses a threat to national security. The researchers' finding calls for governments to improve their monitoring of social media discussions about security flaws discovered in software. The study also noted that each commercial software codebase contains an average of 64 vulnerabilities, highlighting how common codebase vulnerabilities are. In addition, the researchers pointed out differences between social media traffic generated by humans and automated messages from bots to see whether bots or humans are more effective at raising awareness about a software vulnerability. This article continues to discuss the study and its findings concerning the most popular social media platforms used for initial discussions about software vulnerabilities, the growth in codebase vulnerabilities, the spread of vulnerability information on social media via humans or bots, as well as the importance of exploring social cybersecurity.