Cyber-Informed Machine Learning

This blog post proposes cyber-informed machine learning as a conceptual framework for emphasizing three types of explainability when ML is used for cybersecurity.

Read More

February 10, 2025•By Jeffrey Mellon, Clarence Worrell

In Cybersecurity Engineering

13 Cybersecurity Predictions for 2025

It’s that time of year when we reflect on the past year and eagerly look forward. This post presents 13 cyber predictions for 2025.

Read More

January 21, 2025•By Greg Touhill

In Cybersecurity Engineering

An Introduction to Hardening Docker Images

Through our work, we have seen stakeholders encountering difficulty with hardening open source container images for vulnerability mitigation.

Read More

November 11, 2024•By Maxwell Trdina, Sasank Vishnubhatla

In Cybersecurity Engineering

A Framework for Detection in an Era of Rising Deepfakes

This blog post details the evolving deepfake landscape and introduces a framework for detection.

Read More

October 28, 2024•By Matthew Walsh

In Cybersecurity Engineering

Evaluating Static Analysis Alerts with LLMs

LLMs show promising initial results in adjudicating static analysis alerts, offering possibilities for better vulnerability detection. This post discusses initial experiments using GPT-4 to evaluate static analysis alerts.

Read More

October 7, 2024•By William Klieber, Lori Flynn

In Cybersecurity Engineering

3 API Security Risks and Recommendations for Mitigation

This blog post presents three top API security risks along with recommendations for mitigating them.

Read More

July 15, 2024•By McKinley Sconiers-Hasan

In Cybersecurity Engineering

Redemption: A Prototype for Automated Repair of Static Analysis Alerts

This post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.

Read More

June 10, 2024•By David Svoboda

In Cybersecurity Engineering

Versioning with Git Tags and Conventional Commits

This blog post explores extending the conventional commit paradigm to enable automatic semantic versioning with git tags to streamline the development and deployment of software.

Read More

May 29, 2024•By Alex Vesey

In Cybersecurity Engineering

API Security through Contract-Driven Programming

This blog post explores contract programming and specifically how that applies to the building, maintenance, and security of APIs.

Read More

March 18, 2024•By Alex Vesey

In Cybersecurity Engineering

Explainability in Cybersecurity Data Science

This post provides an overview of explainability in machine learning and includes illustrations of model-to-human and human-to-model explainability.

Read More

November 20, 2023•By Jeffrey Mellon, Clarence Worrell

In Cybersecurity Engineering