Rate My Professor Fabio Massacci

prof. dr. ir. Fabio Massacci is a Full Professor in the Faculty of Science, Department of Computer Systems, and Full Professor at the Network Institute, Vrije Universiteit Amsterdam. He also serves as a part-time Full Professor at the Department of Computer Science, Università degli Studi di Trento since 2020. Massacci holds a PhD in Computer Science and Engineering from La Sapienza University of Rome, completed in 1998 with a thesis on Automated Reasoning with Applications to Computer Security. His academic background further includes an MEng obtained in 1992 and an MA in International Relations in 1995. Throughout his career, he has held visiting positions at Durham University, University of Koblenz, KU Leuven, University of Oslo, and ISI Marina del Rey. He has extensive experience in ICT procurements, supervising large teams and contracts, and has been involved in civil society initiatives including volunteer work in refugee camps.

Massacci's research specializations include risks, security economics, security analysis of software ecosystems, experimental methods for security, security and trust in socio-technical systems, dependency management, software vulnerability assessments, advanced persistent threats, cyberterrorism, and cybersecurity for AI-augmented systems. He received the Ten Years Most Influential Paper Award from the IEEE Requirements Engineering Conference in 2015 for work on security and trust in socio-technical systems, and the 2001 AIxIA Marco Somalvico Career Award for Young Researchers in Artificial Intelligence. As Associate Editor in Chief of IEEE Security and Privacy Magazine, he contributes to the field's editorial standards. In 2025, he became an IEEE Standards authorized lead assessor for IEEE CertifAIEd. Notable publications encompass "SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing with the Devil?" (IEEE Security & Privacy, 2021), "A Qualitative Study of Dependency Management and Its Security Implications" (ACM CCS, 2020), "Measuring the accuracy of software vulnerability assessments: experiments with students and professionals" (Empirical Software Engineering, 2020), "Updates are useless - a comprehensive study of Advanced Persistent Threats" (IEEE TSE, 2022), "Building Principles for Lethal Cyber Weapons and State Cyberterrorism" (IEEE S&P Magazine, 2022), and "If your users browse porn, does it increase the chances of malware encounters: a case control study" (IEEE TIFS, 2024). Massacci supervises PhD students and research staff at Vrije Universiteit Amsterdam in projects such as Sec4AI4Sec and Theseus.