- Agile
- Artificial Intelligence Engineering
- CERT/CC Vulnerabilities
- Cloud Computing
- Continuous Deployment of Capability
- Cyber-Physical Systems
- Cybersecurity Center Development
- Cybersecurity Engineering
- Cyber Workforce Development
- Edge Computing
- Enterprise Risk and Resilience Management
- Insider Threat
- Model-Based Systems Engineering
- Quantum Computing
- Reverse Engineering for Malware Analysis
- Secure Development
- Situational Awareness
- Software Architecture
- Software Engineering Research and Development
- Technical Debt
The DevSecOps Capability Maturity Model
Implementing DevSecOps can improve multiple aspects of the effectiveness of a software organization and the quality of the software for which it is responsible.
Read More•By Timothy A. Chick, Brent Frye, Aaron K. Reffett
In Continuous Deployment of Capability
Detection and Repair: The Cost of Remediation
This year, we plan on making some exciting updates to the SEI CERT C Coding Standard. This blog post is about one of our ideas for improving the standard.
Read More•By David Svoboda
In Secure Development
Perspectives on Generative AI in Software Engineering and Acquisition
It is essential that software and acquisition professionals learn how to apply AI-augmented methods and tools in their workflows. SEI researchers offer their perspectives on this topic.
Read More•By Anita Carleton, James Ivers, Ipek Ozkaya, John E. Robert, Douglas Schmidt (William & Mary), Shen Zhang
In Software Engineering Research and Development
Protecting AI from the Outside In: The Case for Coordinated Vulnerability Disclosure
This post highlights lessons learned from applying the coordinated vulnerability disclosure (CVD) process to reported vulnerabilities in AI and ML systems.
Read More•By Allen D. Householder, Vijay S. Sarvepalli, Jeff Havrilla, Matt Churilla, Lena Pons, Shing-hon Lau, Nathan M. VanHoudnos, Andrew Kompanek, Lauren McIlvenny
In Artificial Intelligence Engineering
Introducing MLTE: A Systems Approach to Machine Learning Test and Evaluation
Machine learning systems are notoriously difficult to test. This post introduces Machine Learning Test and Evaluation (MLTE), a new process and tool to mitigate this problem and create safer, more …
Read More•By Alex Derr, Sebastián Echeverría, Katherine R. Maffey (AI Integration Center, U.S. Army), Grace Lewis
In Artificial Intelligence Engineering
Cyber-Informed Machine Learning
This blog post proposes cyber-informed machine learning as a conceptual framework for emphasizing three types of explainability when ML is used for cybersecurity.
Read More•By Jeffrey Mellon, Clarence Worrell
In Cybersecurity Engineering
Introducing the Insider Incident Data Exchange Standard (IIDES)
Capturing and sharing information about insider incidents is a challenge. This post introduces the Insider Incident Data Exchange Standard (IIDES) schema for insider incident data collection.
Read More•By Austin Whisnant
In Insider Threat
6 Lessons Learned from Hosting the President's Cup Cybersecurity Competition
During its six years supporting the President's Cup, the SEI has fielded nearly 4,000 help-desk tickets.
Read More•By John Diricco
In Cyber Workforce Development
13 Cybersecurity Predictions for 2025
It’s that time of year when we reflect on the past year and eagerly look forward. This post presents 13 cyber predictions for 2025.
Read More•By Greg Touhill
In Cybersecurity Engineering
The Myth of Machine Learning Non-Reproducibility and Randomness for Acquisitions and Testing, Evaluation, Verification, and Validation
A reproducibility challenge faces machine learning (ML) systems today. This post explores configurations that increase reproducibility and provides recommendations for these challenges.
Read More•By Andrew O. Mellinger, Daniel Justice, Marissa Connor, Shannon Gallagher, Tyler Brooks
In Artificial Intelligence Engineering
Explore Topics
- Agile
- Artificial Intelligence Engineering
- CERT/CC Vulnerabilities
- Cloud Computing
- Continuous Deployment of Capability
- Cyber-Physical Systems
- Cybersecurity Center Development
- Cybersecurity Engineering
- Cyber Workforce Development
- Edge Computing
- Enterprise Risk and Resilience Management
- Insider Threat
- Model-Based Systems Engineering
- Quantum Computing
- Reverse Engineering for Malware Analysis
- Secure Development
- Situational Awareness
- Software Architecture
- Software Engineering Research and Development
- Technical Debt
Get updates on our latest work.
Sign up to have the latest post sent to your inbox weekly.
Subscribe Get our RSS feedGet updates on our latest work.
Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.
Subscribe Get our RSS feed