![Cybersecurity Engineering topic image](/media/images/thumb_big-half_thumb_cybersecur.max-560x280.format-webp.webp)
Blog Posts
Redemption: A Prototype for Automated Repair of Static Analysis Alerts
This post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.
• By David Svoboda
In Cybersecurity Engineering
![David Svoboda](/media/images/thumb_big_d-svoboda_blog_author.max-180x180.format-webp.webp)
Versioning with Git Tags and Conventional Commits
This blog post explores extending the conventional commit paradigm to enable automatic semantic versioning with git tags to streamline the development and deployment of software.
• By Alex Vesey
In Cybersecurity Engineering
![Alex Vesey](/media/images/avesey.max-180x180.format-webp.webp)
API Security through Contract-Driven Programming
This blog post explores contract programming and specifically how that applies to the building, maintenance, and security of APIs.
• By Alex Vesey
In Cybersecurity Engineering
![Alex Vesey](/media/images/avesey.max-180x180.format-webp.webp)
Explainability in Cybersecurity Data Science
![figure1_explainabilitydatascience_11202023](/media/images/figure1_explainabilitydatascien.max-730x270.format-webp.webp)
This post provides an overview of explainability in machine learning and includes illustrations of model-to-human and human-to-model explainability.
• By Jeffrey Mellon, Clarence Worrell
In Cybersecurity Engineering
![Photo of Jeffrey Mellon](/media/images/thumb_big_jl-mellon_blog_author.max-180x180.format-webp.webp)
![Headshot of Clarence Worrell](/media/images/Worrell_-_Profile_Pic.max-180x180.format-webp.webp)
Secure by Design at CERT
The national cybersecurity strategy calls on tech providers to ensure that all their products are secure by design and secure by default. This post highlights the SEI CERT Division's continued …
• By Greg Touhill
In Cybersecurity Engineering
![Greg Touhill](/media/images/thumb_mid_g-touhill_blog_author.max-180x180.format-webp.webp)
3 Activities for Making Software Secure by Design
Understanding key principles, roadblocks, and accelerators can shift the secure software development paradigm.
• By Carol Woody, Robert Schiela
In Cybersecurity Engineering
![Headshot of Carol Woody.](/media/images/thumb_big_c-woody_blog_authors_.max-180x180.format-webp.webp)
![Headshot of Robert Schiela](/media/images/thumb_big_r-schiela_blog_author.max-180x180.format-webp.webp)
Using Game Theory to Advance the Quest for Autonomous Cyber Threat Hunting
This SEI Blog post describes an effort to apply game theory to the development of algorithms suitable for informing a fully autonomous threat hunting capability and introduces the concept of …
• By Phil Groce
In Cybersecurity Engineering
![Headshot of Phil Groce.](/media/images/thumb_big_p-groce_blog_authors_.max-180x180.format-webp.webp)
8 Areas of Future Research in Zero Trust
The National Cybersecurity Strategy was released on March 1st, 2023 to improve federal cybersecurity through the implementation of a zero trust architecture.
• By Matthew Nicolai, Trista Polaski, Timothy Morrow
In Cybersecurity Engineering
![Headshot of Matthew Nicolai.](/media/images/thumb_big_m-nicolai_blog_author.max-180x180.format-webp.webp)
![Headshot of Trista Polaski](/media/images/thumb_big_t-polaski_blog_author.max-180x180.format-webp.webp)
Security Analytics: Using SiLK and Mothra to Identify Data Exfiltration via the Domain Name Service
This post explores how the DNS protocol can be abused to exfiltrate data by adding bytes of data onto DNS queries.
• By Timothy J. Shimeall
In Cybersecurity Engineering
![Tim Shimeall](/media/images/thumb_big_t-shimeall_blog_autho.max-180x180.format-webp.webp)
The Benefits of Cyber Assessment Training
This post discusses how cybersecurity assessments can help critical infrastructure organizations improve their cybersecurity with help from free assessment tools developed by the SEI and offered by the U.S. government.
• By Rhonda Brown, Alexander Petrilli
In Cybersecurity Engineering
![Rhonda Brown](/media/images/thumb_big_r-brown_blog_authors_.max-180x180.format-webp.webp)
![Alexander Petrilli](/media/images/thumb_big_a-petrilli_blog_autho.max-180x180.format-webp.webp)