Blog Posts
3 Activities for Making Software Secure by Design
Understanding key principles, roadblocks, and accelerators can shift the secure software development paradigm.
• By Carol Woody, Robert Schiela
In Cybersecurity Engineering
Using Game Theory to Advance the Quest for Autonomous Cyber Threat Hunting
This SEI Blog post describes an effort to apply game theory to the development of algorithms suitable for informing a fully autonomous threat hunting capability and introduces the concept of …
• By Phil Groce
In Cybersecurity Engineering

8 Areas of Future Research in Zero Trust
The National Cybersecurity Strategy was released on March 1st, 2023 to improve federal cybersecurity through the implementation of a zero trust architecture.
• By Matthew Nicolai, Trista Polaski, Timothy Morrow
In Cybersecurity Engineering
Security Analytics: Using SiLK and Mothra to Identify Data Exfiltration via the Domain Name Service
This post explores how the DNS protocol can be abused to exfiltrate data by adding bytes of data onto DNS queries.
• By Timothy J. Shimeall
In Cybersecurity Engineering

The Benefits of Cyber Assessment Training
This post discusses how cybersecurity assessments can help critical infrastructure organizations improve their cybersecurity with help from free assessment tools developed by the SEI and offered by the U.S. government.
• By Rhonda Brown, Alexander Petrilli
In Cybersecurity Engineering
5 Best Practices from Industry for Implementing a Zero Trust Architecture
This blog post presents 5 best practices from industry on implementing a zero trust architecture and discusses why they are significant.
• By Matthew Nicolai, Nathaniel Richmond, Timothy Morrow
In Cybersecurity Engineering
An Acquisition Security Framework for Supply Chain Risk Management
This post introduces the Acquisition Security Framework (ASF), which helps organizations identify the critical touchpoints needed for effective supply chain risk management.
• By Carol Woody
In Cybersecurity Engineering

Using Alternate Data Streams in the Collection and Exfiltration of Data
In this blog post, we describe how attackers obscure their activity via alternate data streams (ADSs) and how to defend against malware attacks that employ ADSs.
• By Dustin D. Updyke, Molly Jaconski
In Cybersecurity Engineering
The Zero Trust Journey: 4 Phases of Implementation
This post outlines four phases that organizations should address as they develop and assess their roadmap and associated artifacts against a zero trust maturity model.
• By Timothy Morrow, Matthew Nicolai
In Cybersecurity Engineering
Security Analytics: Tracking Software Updates
This blog post presents an analytic for tracking software updates from official vendor locations.
• By Timothy J. Shimeall
In Cybersecurity Engineering
