- Agile
- Artificial Intelligence Engineering
- CERT/CC Vulnerabilities
- Cloud Computing
- CSIRT Development
- Cyber Workforce Development
- Cyber-Physical Systems
- Cybersecurity Engineering
- DevSecOps
- Edge Computing
- Enterprise Risk and Resilience Management
- Insider Threat
- Quantum Computing
- Reverse Engineering for Malware Analysis
- Secure Development
- Situational Awareness
- Software Architecture
- Software Engineering Research and Development
- Technical Debt
Modeling Languages for Model-Based Systems Engineering (MBSE)
This post summarizes the benefits, practices, and tools for using a modeling language and compares the capabilities of SysML and AADL for use in model-based systems engineering (MBSE).
• By John McGregor, Sholom Cohen
MXNet: A Growing Deep Learning Framework
MXNet (pronounced mix-net) is Apache’s open-source spin on a deep-learning framework that supports building and training models in multiple languages, including Python, R, Scala, Julia, Java, Perl, and C++.
• By Jeffrey Mellon
In Artificial Intelligence Engineering
Writing Ansible Roles with Confidence
How do you write Ansible roles in a way where you can be confident your role works as intended? This post provides guidance on how to best begin developing Ansible …
• By Matthew Heckathorn
In DevSecOps
How to Mitigate Insider Threats by Learning from Past Incidents
This post summarizes a new best practice added to the new 7th edition of the Common Sense Guide to Mitigating Insider Threats, "Learn from Past Insider Threat Incidents."
• By Daniel Costa
In Insider Threat
A Technical DevSecOps Adoption Framework
This blog post describes our new DevSecOps adoption framework that guides the planning and implementation of a roadmap to functional CI/CD pipeline capabilities.
• By Vanessa Jackson, Lyndsi Hughes
In DevSecOps
An Acquisition Security Framework for Supply Chain Risk Management
This post introduces the Acquisition Security Framework (ASF), which helps organizations identify the critical touchpoints needed for effective supply chain risk management.
• By Carol Woody
In Cybersecurity Engineering
5 Issues to Consider When Engineering Societal-Scale Systems
Societal-scale software systems, such as commercial social media platforms, are among the most widely used systems in the world with billions of daily active users. This post explores issues to …
• By John Robert
In Software Engineering Research and Development
The Drive Toward Stability
This SEI Blog post highlights how the SEI has reshaped its research strategy over the past several years to take on emerging disruptions, and how we’ve integrated a number of …
• By Thomas Longstaff
In Software Engineering Research and Development
Vultron: A Protocol for Coordinated Vulnerability Disclosure
This post introduces Vultron, a protocol for multi-party coordinated vulnerability disclosure (MPCVD).
• By Allen Householder
In CERT/CC Vulnerabilities
Using Alternate Data Streams in the Collection and Exfiltration of Data
In this blog post, we describe how attackers obscure their activity via alternate data streams (ADSs) and how to defend against malware attacks that employ ADSs.
• By Dustin Updyke, Molly Jaconski
In Cybersecurity Engineering
Get updates on our latest work.
Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.