Blog Posts
An Introduction to Hardening Docker Images
Through our work, we have seen stakeholders encountering difficulty with hardening open source container images for vulnerability mitigation.
Read More•By Maxwell Trdina, Sasank Vishnubhatla
In Cybersecurity Engineering
A Framework for Detection in an Era of Rising Deepfakes
This blog post details the evolving deepfake landscape and introduces a framework for detection.
Read More•By Matthew Walsh
In Cybersecurity Engineering
Evaluating Static Analysis Alerts with LLMs
LLMs show promising initial results in adjudicating static analysis alerts, offering possibilities for better vulnerability detection. This post discusses initial experiments using GPT-4 to evaluate static analysis alerts.
Read More•By William Klieber, Lori Flynn
In Cybersecurity Engineering
3 API Security Risks and Recommendations for Mitigation
This blog post presents three top API security risks along with recommendations for mitigating them.
Read More•By McKinley Sconiers-Hasan
In Cybersecurity Engineering
Redemption: A Prototype for Automated Repair of Static Analysis Alerts
This post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.
Read More•By David Svoboda
In Cybersecurity Engineering
Versioning with Git Tags and Conventional Commits
This blog post explores extending the conventional commit paradigm to enable automatic semantic versioning with git tags to streamline the development and deployment of software.
Read More•By Alex Vesey
In Cybersecurity Engineering
API Security through Contract-Driven Programming
This blog post explores contract programming and specifically how that applies to the building, maintenance, and security of APIs.
Read More•By Alex Vesey
In Cybersecurity Engineering
Explainability in Cybersecurity Data Science
This post provides an overview of explainability in machine learning and includes illustrations of model-to-human and human-to-model explainability.
Read More•By Jeffrey Mellon, Clarence Worrell
In Cybersecurity Engineering
Secure by Design at CERT
The national cybersecurity strategy calls on tech providers to ensure that all their products are secure by design and secure by default. This post highlights the SEI CERT Division's continued …
Read More•By Greg Touhill
In Cybersecurity Engineering
3 Activities for Making Software Secure by Design
Understanding key principles, roadblocks, and accelerators can shift the secure software development paradigm.
Read More