Archive: 2021
The Latest Work from the SEI: Artificial Intelligence, DevSecOps, and Security Incident Response
This SEI Blog post is an overview of publications regarding the SEI's work on AI, DevSecOps, and Security Incident Response.
Read More•By Douglas Schmidt (Vanderbilt University)
Architecting the Future of Software Engineering: A Research and Development Roadmap
The SEI, a DoD federally funded research and development center (FFRDC), shares its multi-year research roadmap for next-gen software-reliant systems.
Read More•By Anita Carleton
In Software Engineering Research and Development
Agile Metrics: Assessing Progress to Plans
The role of metrics in a government program’s assessment of progress in an iterative, incremental delivery of a system.
Read More•By Will Hayes, Patrick R. Place, Keith Korzec
In Agile
Safety Assurance Does Not Provide Software Assurance
This SEI Blog on cybersecurity in cyber-physical systems (CPS), shows how safety evaluations fail to protect against cyber threats.
Read More•By Mark Sherman
In Cyber-Physical Systems
DNS Over HTTPS: 3 Strategies for Enterprise Security Monitoring
DNS over HTTPS (DoH) can impair enterprise network visibility and security by bypassing traditional DNS monitoring and protections. In this post, I'll provide enterprise defenders three strategies for security monitoring …
Read More•By Sean Hutchison
In Cybersecurity Engineering
Navigating People Concerns when Transitioning from Sustainment to Engineering Software-Reliant Systems
This post explores people issues that must be considered when software teams transition from sustainment to engineering.
Read More•By Thomas Evans, Michael J. Gagliardi, Mena Kostial, Nicholas Reimer, Douglas Schmidt (Vanderbilt University)
In Software Engineering Research and Development
Translating the Risk Management Framework for Nonfederal Organizations
This blog post translates federal-government-specific aspects of the Risk Management Framework into processes for nonfederal organizations.
Read More•By Emily Shawgo, Brian Benestelli
In Enterprise Risk and Resilience Management
5 Ways to Start Growing an AI-Ready Workforce
This blog post by Rachel Dzombak and Jay Palat outlines 5 factors that are critical for organizations and leaders to consider as they grow an AI-ready workforce.
Read More•By Rachel Dzombak, Jay Palat
In Artificial Intelligence Engineering
The Latest Work from the SEI: Coordinated Vulnerability Disclosure, Cybersecurity Research, Cyber Risk and Resilience, and the Importance of Fostering Diversity in Software Engineering
This post highlights the latest work from the SEI in coordinated vulnerability disclosure, cyber risk and resilience management, automation, and the science of cybersecurity.
Read More•By Douglas Schmidt (Vanderbilt University)
In CERT/CC Vulnerabilities
Introducing CERT Kaiju: Malware Analysis Tools for Ghidra
Ghidra provides a compelling environment for reverse engineering tools that are relatively easy to use during malware analysis. Our latest blog post highlights a new suite of tools, known as …
Read More•By Garret Wassermann, Jeff Gennari
In Reverse Engineering for Malware Analysis
SEI Blog Archive
Recent
Year