Archive: 2021
The Latest Work from the SEI: Artificial Intelligence, DevSecOps, and Security Incident Response
This SEI Blog post is an overview of publications regarding the SEI's work on AI, DevSecOps, and Security Incident Response.
• By Douglas Schmidt (Vanderbilt University)
![Douglas C. Schmidt](/media/images/thumb_big_d-schmidt_blog_author.max-180x180.format-webp.webp)
Architecting the Future of Software Engineering: A Research and Development Roadmap
The SEI, a DoD federally funded research and development center (FFRDC), shares its multi-year research roadmap for next-gen software-reliant systems.
• By Anita Carleton
In Software Engineering Research and Development
![Headshot of Anita Carleton.](/media/images/thumb_big_a-carleton_blog_autho.max-180x180.format-webp.webp)
Agile Metrics: Assessing Progress to Plans
The role of metrics in a government program’s assessment of progress in an iterative, incremental delivery of a system.
• By Will Hayes, Patrick R. Place, Keith Korzec
In Agile
![Will Hayes](/media/images/thumb_big_w-hayes_blog_authors_.max-180x180.format-webp.webp)
![Patrick Place](/media/images/thumb_big_p-place_blog_authors_.max-180x180.format-webp.webp)
Safety Assurance Does Not Provide Software Assurance
This SEI Blog on cybersecurity in cyber-physical systems (CPS), shows how safety evaluations fail to protect against cyber threats.
• By Mark Sherman
In Cyber-Physical Systems
![Mark Sherman](/media/images/thumb_big_m-sherman_blog_author.max-180x180.format-webp.webp)
DNS Over HTTPS: 3 Strategies for Enterprise Security Monitoring
DNS over HTTPS (DoH) can impair enterprise network visibility and security by bypassing traditional DNS monitoring and protections. In this post, I'll provide enterprise defenders three strategies for security monitoring …
• By Sean Hutchison
In Cybersecurity Engineering
![shutchison](/media/images/thumb_big_s-hutchison_blog_auth.max-180x180.format-webp.webp)
Navigating People Concerns when Transitioning from Sustainment to Engineering Software-Reliant Systems
This post explores people issues that must be considered when software teams transition from sustainment to engineering.
• By Thomas Evans, Michael J. Gagliardi, Mena Kostial, Nicholas Reimer, Douglas Schmidt (Vanderbilt University)
In Software Engineering Research and Development
![Headshot of Thomas Evans](/media/images/thumb_big_t-evans_blog_authors_.max-180x180.format-webp.webp)
![Headshot of Michael Gagliardi.](/media/images/thumb_big_m-gagliardi_blog_auth.max-180x180.format-webp.webp)
Translating the Risk Management Framework for Nonfederal Organizations
This blog post translates federal-government-specific aspects of the Risk Management Framework into processes for nonfederal organizations.
• By Emily Shawgo, Brian Benestelli
In Enterprise Risk and Resilience Management
![Emily Shawgo](/media/images/thumb_big_e-shawgo_blog_authors.max-180x180.format-webp.webp)
![Brian Benestelli](/media/images/thumb_big_b-benestelli_blog_aut.max-180x180.format-webp.webp)
5 Ways to Start Growing an AI-Ready Workforce
This blog post by Rachel Dzombak and Jay Palat outlines 5 factors that are critical for organizations and leaders to consider as they grow an AI-ready workforce.
• By Rachel Dzombak, Jay Palat
In Artificial Intelligence Engineering
![Photo of Rachel Dzombak](/media/images/thumb_big_r-dzombak_blog_author.max-180x180.format-webp.webp)
![Headshot of Jay Palat.](/media/images/thumb_big_v-palat_blog_authors_.max-180x180.format-webp.webp)
The Latest Work from the SEI: Coordinated Vulnerability Disclosure, Cybersecurity Research, Cyber Risk and Resilience, and the Importance of Fostering Diversity in Software Engineering
This post highlights the latest work from the SEI in coordinated vulnerability disclosure, cyber risk and resilience management, automation, and the science of cybersecurity.
• By Douglas Schmidt (Vanderbilt University)
In CERT/CC Vulnerabilities
![Douglas C. Schmidt](/media/images/thumb_big_d-schmidt_blog_author.max-180x180.format-webp.webp)
Introducing CERT Kaiju: Malware Analysis Tools for Ghidra
Ghidra provides a compelling environment for reverse engineering tools that are relatively easy to use during malware analysis. Our latest blog post highlights a new suite of tools, known as …
• By Garret Wassermann, Jeff Gennari
In Reverse Engineering for Malware Analysis
![Garret Wassermann](/media/images/thumb_big_g-wasserman_blog_auth.max-180x180.format-webp.webp)
![Jeffrey Gennari](/media/images/thumb_big_j-gennari_blog_author.max-180x180.format-webp.webp)
SEI Blog Archive
Recent
Year