search menu icon-carat-right cmu-wordmark

SEI Blog

The Latest Research in Software Engineering and Cybersecurity

Latest Posts

Inference of Memory Bounds: Preventing the Next Heartbleed

Inference of Memory Bounds: Preventing the Next Heartbleed

• SEI Blog
Will Klieber

Invalid memory accesses are one of the most prevalent and serious of software vulnerabilities. Leakage of sensitive information caused by out-of-bounds reads is a relatively new problem that most recently took the form of the Open SSL HeartBleed vulnerability. In this blog post, I will describe research aimed at detecting the intended bounds of memory that given pointers should be able to access....

Read More
Cyber Warfare, Technical Debt, Network Border Protection, and Insider Threat: The Latest Work from the SEI

Cyber Warfare, Technical Debt, Network Border Protection, and Insider Threat: The Latest Work from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI reports, podcasts, and presentations highlighting our work in cyber warfare, emerging technologies and their risks, domain name system blocking to disrupt malware, best practices in network border protection, robotics, technical debt, and insider threat and workplace violence. These publications highlight the latest work of SEI technologists in these areas. This post includes a...

Read More
Automated Detection of Information Leaks in Mobile Devices

Automated Detection of Information Leaks in Mobile Devices

• SEI Blog
Lori Flynn

This blog post is also authored by William Klieber. Exfiltration of sensitive data on mobile devices is a major concern for the DoD, other organizations, and individuals. Colluding apps in public use have been discovered by security researchers. The Mobile App Collusion attack, which spread across thousands of Android packages, is an example. Colluding apps, or a combination of a malicious app and leaky app, can use intents (messages sent to Android app components) to...

Read More
Five Models of Technology Transition to Bridge the Gap Between Digital Natives and Digital Immigrants

Five Models of Technology Transition to Bridge the Gap Between Digital Natives and Digital Immigrants

• SEI Blog
Suzanne Miller

As the defense workforce attracts younger staff members, this digital native generation is having an effect. "To accommodate millennial IT workers, so-called 'digital natives,'" wrote Phil Goldstein in a May 2016 FedTech article, "the service branches of the Department of Defense need to square cybersecurity with the attitudes and behaviors of younger employees, according to senior defense IT officials." Digital natives approach technology differently than digital immigrants, which includes those born before the widespread use...

Read More
5 Best Practices to Prevent Insider Threat

5 Best Practices to Prevent Insider Threat

• SEI Blog
Randy Trzeciak

Insider threat continues to be a problem with approximately 50 percent of organizations experiencing at least one malicious insider incident per year, according to the 2017 U.S. State of Cybercrime Survey. Although the attack methods vary depending on the industry, the primary types of attacks identified by researchers at the CERT Insider Threat Center--theft of intellectual property, sabotage, fraud, and espionage--continue to hold true. In our work with public and private industry, we continue to...

Read More
Multicore and Virtualization Recommendations

Multicore and Virtualization Recommendations

• SEI Blog
Donald Firesmith

The first post in this series introduced the basic concepts of multicore processing and virtualization, highlighted their benefits, and outlined the challenges these technologies present. The second post addressed multicore processing, whereas the third and fourth posts concentrated on virtualization via virtual machines (VMs) and containers (containerization), respectively. This fifth and final post in the series provides general recommendations for the use of these three technologies--multicore processing, virtualization via VMs, and virtualization via containers--including mitigating...

Read More
8 At-Risk Emerging Technologies

8 At-Risk Emerging Technologies

• SEI Blog
Dan J. Klinedinst

by Dan KlinedinstVulnerability AnalystCERT Division As the world becomes increasingly interconnected through technology, information security vulnerabilities emerge from the deepening complexity. Unexpected interactions between hardware and software components can magnify the impact of a vulnerability. As technology continues its shift away from the PC-centric environment of the past to a cloud-based, perpetually connected world, it exposes sensitive systems and networks in ways that were never before imagined. The information security community must be prepared to...

Read More
Machine Learning and Insider Threat

Machine Learning and Insider Threat

• SEI Blog
Daniel Costa

As organizations' critical assets have become digitized and access to information has increased, the nature and severity of threats has changed. Organizations' own personnel--insiders--now have greater ability than ever before to misuse their access to critical organizational assets. Insiders know where critical assets are, what is important, and what is valuable. Their organizations have given them authorized access to these assets and the means to compromise the confidentiality, availability, or integrity of data. As organizations...

Read More