Archive: 2019
Data-Driven Management of Technical Debt
Learn about the SEI's work on technical debt analysis techniques and practices to help software engineers manage its impact on projects in this SEI Blog post.
Read More•By Ipek Ozkaya, Robert Nord
In Technical Debt
Mission Thread Analysis Using End-to-End Data Flows - Part 2
The first blog post in this series provided an overview of the E2E Mission Thread Data Flow Analysis (EMDA) method, an approach that analyzes the flow of data as they …
Read More•By Donald Firesmith
In Cybersecurity Engineering
Patterns and Trends in Insider Threats Across Industry Sectors (Part 9 of 9: Insider Threats Across Industry Sectors)
In previous posts of our series analyzing and summarizing insider incidents across multiple sectors, we presented up-to-date statistics from the CERT National Insider Threat Center (NITC)....
Read More•By Daniel L. Costa
In Insider Threat
Vulnonym: Stop the Naming Madness!
This SEI Blog post discusses the problems with naming vulnerabilities and proposes a new approach called Vulnonym to improve vulnerability communication.
Read More•By Leigh B. Metcalf
In CERT/CC Vulnerabilities
Cybersecurity Engineering for Legacy Systems: 6 Recommendations
Legacy systems continue to play a key role across many organizations. Engineering cybersecurity into these legacy systems presents some unique challenges....
Read More•By Susan Crozier Cox, Harry L. Levinson
In Cybersecurity Engineering
The Latest Work from the SEI: AI, Deepfakes, Automated Alert Handling, and Cyber Intelligence
As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI reports, podcasts, and presentations highlighting our work in …
Read More•By Douglas Schmidt (Vanderbilt University)
In Artificial Intelligence Engineering
September Is National Insider Threat Awareness Month
September 2019 has been declared National Insider Threat Awareness Month by the National Insider Threat Task Force, the National Counterintelligence and Security Center....
Read More•By Daniel L. Costa
In Insider Threat
The Dangers of VHD and VHDX Files
Recently, I gave a presentation at BSidesPGH 2019 called Death By Thumb Drive: File System Fuzzing with CERT BFF....
Read More•By Will Dormann
In CERT/CC Vulnerabilities
Situational Awareness for Cybersecurity: An Introduction
Situational awareness (SA) helps decision makers throughout an organization have the information and understanding available to make good decisions in the course of their work....
Read More•By Angela Horneman
In Situational Awareness
Update on the CERT Guide to Coordinated Vulnerability Disclosure
It's been two years since we originally published the CERT Guide to Coordinated Vulnerability Disclosure. In that time, it's influenced both the US Congress and EU Parliament....
Read More•By Allen D. Householder
In CERT/CC Vulnerabilities
SEI Blog Archive
Recent
Year