The Impact of Interface Design on the Usability of Code Analyzers

Code-level vulnerabilities play a significant role in the number of data breaches that happen across the globe. There have been several efforts by researchers and developers alike to design tools that provide programmers with code scanning capabilities. However, many developers and businesses are skeptical of using some of these tools. One major reason for the lack of acceptance and use of code scanning tools is poor interface design and substandard presentation of bug/vulnerability warnings. In an effort to design a recommender system to help programmers write more secure code, we conducted a knowledge elicitation survey and usability study to provide insights about the expectations of programmers in regards to a usable interface. This article summarizes our findings.