Security Vulnerabilities
Blog Posts
How Easy Is It to Make and Detect a Deepfake?
The technology underlying the creation and detection of deepfakes and assessment of current and future threat levels
• By Catherine Bernaciak, Dominic Ross
In Artificial Intelligence Engineering


10 Types of Application Security Testing Tools: When and How to Use Them
Bugs and weaknesses in software are common: 84 percent of software breaches exploit vulnerabilities at the application layer....
• By Thomas Scanlon
In CERT/CC Vulnerabilities
How to Get the Most Out of Penetration Testing
There are many reasons for an organization to perform a penetration test of its information systems: to meet compliance standards, test a security team's capabilities....
• By Michael Cook
In CERT/CC Vulnerabilities

8 At-Risk Emerging Technologies
Identifying 8 emerging technologies at risk for security vulnerabilities, this SEI Blog post covers autonomous systems, AI, 5G networks and more.
• By Dan J. Klinedinst
In CERT/CC Vulnerabilities

The Consequences of Insecure Software Updates
In this blog post, I discuss the impact of insecure software updates as well as several related topics, including mistakes made by software vendors in their update mechanisms, how to …
• By Will Dormann
In CERT/CC Vulnerabilities

The Twisty Maze of Getting Microsoft Office Updates
This SEI Blog post explores the complexities and challenges of managing Microsoft Office updates and provides insights into installation best practices.
• By Will Dormann
In CERT/CC Vulnerabilities

Windows 10 Cannot Protect Insecure Applications Like EMET Can
Recently, Microsoft published a blog post called Moving Beyond EMET that appears to make two main points....
• By Will Dormann
In CERT/CC Vulnerabilities

CVD Series: Principles of Coordinated Vulnerability Disclosure (Part 2 of 9)
This SEI Blog, the second in a nine-part series, explores Coordinated Vulnerability Disclosure (CVD) best practices for vulnerability disclosure.
• By Garret Wassermann
In CERT/CC Vulnerabilities
CVD Series: What is Coordinated Vulnerability Disclosure? (Part 1 of 9)
This is the first post in a series about Coordinated Vulnerability Disclosure (CVD). In this series, we will discuss why CVD is an important part of the modern software development …
• By Garret Wassermann
In CERT/CC Vulnerabilities
Bypassing Application Whitelisting
Application whitelisting is a useful defense against users running unapproved applications....
• By Will Dormann
In CERT/CC Vulnerabilities
