Archive: 2019
Situational Awareness for Cybersecurity: Assets and Risk
When key business assets are not adequately protected from cybersecurity breaches, organizations can experience dire consequences....
Read More•By Angela Horneman, Lauren Cooper
In Situational Awareness
How to Build a Trustworthy Free/Libre Linux Capable 64-bit RISC-V Computer
The attack surface for commercial hardware now spans all stages of the development lifecycle. Even in the presence of secure, bug-free software, the growing threat of hardware Trojans and backdoors …
Read More•By Gabriel Somlo
It's Time to Retire Your Unsupported Things
"If it ain't broke, don't fix it." Why mess with something that already works? This is fair advice with many things in life. But when it comes to software security, …
Read More•By Will Dormann
In CERT/CC Vulnerabilities
Network Traffic Analysis with SiLK: Profiling and Investigating Cyber Threats
Cyber threats are on the rise, making it vitally important to understand what's happening on our computer networks. But the massive amount of network traffic makes this job hard....
Read More•By Paul Krystosek, Timothy J. Shimeall, Nancy Ott
In Situational Awareness
Mapping Cyber Hygiene to the NIST Cybersecurity Framework
In honor of Cybersecurity Awareness Month, I decided to put fingers to keys and share some basic practices that every organization should consider for their cyber hygiene initiatives....
Read More•By Matthew Trevors
In Insider Threat
Could Blockchain Improve the Cybersecurity of Supply Chains?
A September 2018 report to the President, Assessing and Strengthening the Manufacturing and Defense Industrial Base and Supply Chain Resiliency of the United States, raised concerns about cybersecurity....
Read More•By Eliezer Kanal
In Cybersecurity Engineering
Six Best Practices for Developer Testing
Code coverage represents the percent of certain elements of a software item that have been exercised during its testing....
Read More•By Robert V. Binder
VPN - A Gateway for Vulnerabilities
Virtual Private Networks (VPNs) are the backbone of today's businesses providing a wide range of entities from remote employees to business partners and...
Read More•By Vijay S. Sarvepalli
In CERT/CC Vulnerabilities
Situational Awareness for Cybersecurity: Three Key Principles of Effective Policies and Controls
Security measures are most effective when it is clear how assets are supposed to be used and by whom....
Read More•By Angela Horneman
In Situational Awareness
System Resilience: What Exactly is it?
Over the past decade, system resilience (a.k.a., system resiliency) has been widely discussed as a critical concern, especially in terms of data centers and cloud computing....
Read More•By Donald Firesmith
In Cybersecurity Engineering
SEI Blog Archive
Recent
Year