How Easy Is It to Make and Detect a Deepfake?

The technology underlying the creation and detection of deepfakes and assessment of current and future threat levels

Read More

March 14, 2022 • By Catherine Bernaciak, Dominic A. Ross

In Artificial Intelligence Engineering

10 Types of Application Security Testing Tools: When and How to Use Them

This blog post categorizes different types of application security testing tools and provides guidance on how and when to use each class of tool.

Read More

July 8, 2018 • By Tom Scanlon

In CERT/CC Vulnerabilities

How to Get the Most Out of Penetration Testing

There are many reasons for an organization to perform a penetration test of its information systems: to meet compliance standards, test a security team's capabilities....

Read More

January 22, 2018 • By Michael Cook

In CERT/CC Vulnerabilities

8 At-Risk Emerging Technologies

Identifying 8 emerging technologies at risk for security vulnerabilities, this SEI Blog post covers autonomous systems, AI, 5G networks and more.

Read More

October 22, 2017 • By Dan J. Klinedinst

In CERT/CC Vulnerabilities

The Consequences of Insecure Software Updates

In this blog post, I discuss the impact of insecure software updates as well as several related topics, including mistakes made by software vendors in their update mechanisms, how to …

Read More

June 29, 2017 • By Will Dormann

In CERT/CC Vulnerabilities

The Twisty Maze of Getting Microsoft Office Updates

This SEI Blog post explores the complexities and challenges of managing Microsoft Office updates and provides insights into installation best practices.

Read More

April 12, 2017 • By Will Dormann

In CERT/CC Vulnerabilities

Windows 10 Cannot Protect Insecure Applications Like EMET Can

Recently, Microsoft published a blog post called Moving Beyond EMET that appears to make two main points....

Read More

November 20, 2016 • By Will Dormann

In CERT/CC Vulnerabilities

CVD Series: Principles of Coordinated Vulnerability Disclosure (Part 2 of 9)

This SEI Blog, the second in a nine-part series, explores Coordinated Vulnerability Disclosure (CVD) best practices for vulnerability disclosure.

Read More

October 3, 2016 • By Garret Wassermann

In CERT/CC Vulnerabilities

CVD Series: What is Coordinated Vulnerability Disclosure? (Part 1 of 9)

This is the first post in a series about Coordinated Vulnerability Disclosure (CVD). In this series, we will discuss why CVD is an important part of the modern software development …

Read More

September 26, 2016 • By Garret Wassermann

In CERT/CC Vulnerabilities

Bypassing Application Whitelisting

Application whitelisting is a useful defense against users running unapproved applications....

Read More

June 29, 2016 • By Will Dormann

In CERT/CC Vulnerabilities