- Agile
- Artificial Intelligence Engineering
- CERT/CC Vulnerabilities
- Cloud Computing
- Cyber Workforce Development
- Cyber-Physical Systems
- Cybersecurity Engineering
- DevSecOps
- Edge Computing
- Enterprise Risk and Resilience Management
- Insider Threat
- Model-Based Systems Engineering
- Quantum Computing
- Reverse Engineering for Malware Analysis
- Secure Development
- Situational Awareness
- Software Architecture
- Software Engineering Research and Development
- Technical Debt
Auditing Bias in Large Language Models
This post discusses recent research that uses a role-playing scenario to audit ChatGPT, an approach that opens new possibilities for revealing unwanted biases.
• By Katherine-Marie Robinson, Violet Turri
In Artificial Intelligence Engineering
![Katherine-Marie Robinson](/media/images/kmrobinson.max-180x180.format-webp.webp)
![Headshot of Violet Turri](/media/images/thumb_big_v-turri_blog_authors_.max-180x180.format-webp.webp)
3 API Security Risks and Recommendations for Mitigation
This blog post presents three top API security risks along with recommendations for mitigating them.
• By McKinley Sconiers-Hasan
In Cybersecurity Engineering
![msconiers](/media/images/msconiers.max-180x180.format-webp.webp)
Cultivating Kubernetes on the Edge
Members of the SEI DevSecOps Innovation team were asked to explore an alternative to VMware’s vSphere Hypervisor in an edge compute environment. This post explores their prototype.
• By Patrick Earl, Jeffrey Hamed, Doug Reynolds, Jose A. Morales
In DevSecOps
![Patrick Earl](/media/images/Patrick-Earl.max-180x180.format-webp.webp)
![Jeffrey Hamed](/media/images/jhamed.max-180x180.format-webp.webp)
The Latest Work from the SEI: APIs, SBOMs, and Static Analysis
This post presents the latest work from the SEI in the areas of application programming interfaces, secure development, and static analysis.
• By Bill Scherlis
In Software Engineering Research and Development
![Headshot of Bill Scherlis.](/media/images/thumb_big_b-scherlis_blog_autho.max-180x180.format-webp.webp)
Incorporating Agile Principles into Independent Verification and Validation
This post discusses how Agile principles can work with independent verification and validation processes.
• By Justin Smith
In Agile
![Headshot of Justin Smith](/media/images/thumb_mid_j-smith_blog_authors_.max-180x180.format-webp.webp)
Software Cost Estimation Explained
Anandi Hira explains software cost estimation, presents estimation tools, and examines inherent biases that exist in software cost estimation models.
• By Anandi Hira
![Anandi Hira](/media/images/hira-anandi.max-180x180.format-webp.webp)
Redemption: A Prototype for Automated Repair of Static Analysis Alerts
This post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.
• By David Svoboda
In Cybersecurity Engineering
![David Svoboda](/media/images/thumb_big_d-svoboda_blog_author.max-180x180.format-webp.webp)
The Threat of Deprecated BGP Attributes
This post examines how a small issue with Border Gateway Protocol routing, a deprecated path attribute, can cause a major interruption to Internet traffic.
• By Leigh B. Metcalf, Timur D. Snoke
In CERT/CC Vulnerabilities
![Timur Snoke](/media/images/thumb_big_t-snoke_blog_authors_.max-180x180.format-webp.webp)
Versioning with Git Tags and Conventional Commits
This blog post explores extending the conventional commit paradigm to enable automatic semantic versioning with git tags to streamline the development and deployment of software.
• By Alex Vesey
In Cybersecurity Engineering
![Alex Vesey](/media/images/avesey.max-180x180.format-webp.webp)
Measurement Challenges in Software Assurance and Supply Chain Risk Management
This SEI Blog post examines the current state of measurement in software assurance and supply chain management, with a particular focus on open source software, and highlights promising measurement approaches.
• By Nancy R. Mead, Carol Woody, Scott Hissam
In Secure Development
![Nancy Mead](/media/images/thumb_big_n-mead_blog_authors_5.max-180x180.format-webp.webp)
![Headshot of Carol Woody.](/media/images/thumb_big_c-woody_blog_authors_.max-180x180.format-webp.webp)
Explore Topics
- Agile
- Artificial Intelligence Engineering
- CERT/CC Vulnerabilities
- Cloud Computing
- Cyber Workforce Development
- Cyber-Physical Systems
- Cybersecurity Engineering
- DevSecOps
- Edge Computing
- Enterprise Risk and Resilience Management
- Insider Threat
- Model-Based Systems Engineering
- Quantum Computing
- Reverse Engineering for Malware Analysis
- Secure Development
- Situational Awareness
- Software Architecture
- Software Engineering Research and Development
- Technical Debt
Get updates on our latest work.
Sign up to have the latest post sent to your inbox weekly.
Subscribe Get our RSS feedGet updates on our latest work.
Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.
Subscribe Get our RSS feed