Archive: 2024
The Top 10 Blog Posts of 2023
Every January on the SEI Blog, we present the 10 most-visited posts of the previous year. This year’s top 10 highlights our work in zero trust, large language models, DevSecOps, …
Read More•By Douglas Schmidt (Vanderbilt University)
In Software Engineering Research and Development
The Latest Work from the SEI
This SEI Blog post summarizes some recent publications from the SEI in the areas of supply chain risk management, technical debt, large language models, quantum computing, acquisition, and trustworthiness in …
Read More•By Douglas Schmidt (Vanderbilt University)
In Software Engineering Research and Development
10 Benefits and 10 Challenges of Applying Large Language Models to DoD Software Acquisition
This post presents 10 benefits and 10 challenges of applying LLMs to the software acquisition process and suggests specific use cases where generative AI can provide value.
Read More•By John E. Robert, Douglas Schmidt (Vanderbilt University)
In Software Engineering Research and Development
The Top 10 Skills CISOs Need in 2024
This post outlines the top 10 skills that CISOs need in 2024 and beyond.
Read More•By Greg Touhill
In Enterprise Risk and Resilience Management
Applying the SEI SBOM Framework
This SEI Blog post examines ways you can leverage your software bill of materials (SBOM) data, using the SEI SBOM Framework, to improve your software security and inform your supply …
Read More•By Carol Woody
In Software Engineering Research and Development
Using ChatGPT to Analyze Your Code? Not So Fast
This blog post explores the efficacy of ChatGPT 3.5 in identifying errors in software code.
Read More•By Mark Sherman
In Artificial Intelligence Engineering
CERT Releases 2 Tools to Assess Insider Risk
The average insider risk incident costs organizations more than $600,000. To help organizations assess their insider risk programs, the SEI CERT Division has released two tools available for download.
Read More•By Roger Black
In Insider Threat
OpenAI Collaboration Yields 14 Recommendations for Evaluating LLMs for Cybersecurity
This SEI Blog post summarizes 14 recommendations to help assessors accurately evaluate LLM cybersecurity capabilities.
Read More•By Jeff Gennari, Shing-hon Lau, Samuel J. Perl
In Artificial Intelligence Engineering
10 Lessons in Security Operations and Incident Management
This post outlines 10 lessons learned from more than three decades of building incident response and security teams throughout the globe.
Read More•By Robin Ruefle
In Insider Threat
Example Case: Using DevSecOps to Redefine Minimum Viable Product
This SEI blog post, authored by SEI interns, describes their work on a microservices-based software application, an accompanying DevSecOps pipeline, and an expansion of the concept of minimum viable product …
Read More•By Joe Yankel
In DevSecOps
SEI Blog Archive
Recent
Year