Cybersecurity Engineering
Blog Posts
8 Areas of Future Research in Zero Trust
The National Cybersecurity Strategy was released on March 1st, 2023 to improve federal cybersecurity through the implementation of a zero trust architecture.
• By Matthew Nicolai, Trista Polaski, Timothy Morrow
In Cybersecurity Engineering


Security Analytics: Using SiLK and Mothra to Identify Data Exfiltration via the Domain Name Service

This post explores how the DNS protocol can be abused to exfiltrate data by adding bytes of data onto DNS queries.
• By Tim Shimeall
In Cybersecurity Engineering

The Benefits of Cyber Assessment Training
This post discusses how cybersecurity assessments can help critical infrastructure organizations improve their cybersecurity with help from free assessment tools developed by the SEI and offered by the U.S. government.
• By Rhonda Brown, Alexander Petrilli
In Cybersecurity Engineering
5 Best Practices from Industry for Implementing a Zero Trust Architecture
This blog post presents 5 best practices from industry on implementing a zero trust architecture and discusses why they are significant.
• By Matthew Nicolai, Nathaniel Richmond, Timothy Morrow
In Cybersecurity Engineering


An Acquisition Security Framework for Supply Chain Risk Management
This post introduces the Acquisition Security Framework (ASF), which helps organizations identify the critical touchpoints needed for effective supply chain risk management.
• By Carol Woody
In Cybersecurity Engineering

Using Alternate Data Streams in the Collection and Exfiltration of Data
In this blog post, we describe how attackers obscure their activity via alternate data streams (ADSs) and how to defend against malware attacks that employ ADSs.
• By Dustin Updyke, Molly Jaconski
In Cybersecurity Engineering


The Zero Trust Journey: 4 Phases of Implementation
This post outlines four phases that organizations should address as they develop and assess their roadmap and associated artifacts against a zero trust maturity model.
• By Timothy Morrow, Matthew Nicolai
In Cybersecurity Engineering


Security Analytics: Tracking Software Updates
This blog post presents an analytic for tracking software updates from official vendor locations.
• By Tim Shimeall
In Cybersecurity Engineering

Security Analytics: Tracking Proxy Bypass
This post describes how to track the amount of network traffic that is evading security proxies for services that such proxies are expected to cover.
• By Tim Shimeall
In Cybersecurity Engineering

A Cybersecurity Engineering Strategy for DevSecOps that Integrates with the Software Supply Chain
Reused code contains defects unknown to the new user, which, in turn, propagate vulnerabilities into new systems. Organizations must develop a cybersecurity engineering strategy that addresses the integration of DevSecOps …
• By Carol Woody
In Cybersecurity Engineering
