Software Engineering Institute

In 2024, Carnegie Mellon University Software Engineering Institute (CMU SEI) held the 2nd annual Secure Software by Design Conference.

Presentations included:

• Kirk Lawerence: Is Our World Secure Yet? Are We Even Close? An Update on CISA’s Secure by Design Initiative
• Joel Krooswyk: Accelerating Application Refactoring: AI in DevSecOps
• Matt "Kelly" Williams: Sustainable IT Is Secure IT: Building a Resilient and Responsible Digital Future
• Alejandro Gomez: Modern API Security
• José Carlos Chávez: Managing Open Source Software Security in Your Organization
• Mike McCabe: Buildings Secure Infrastructure: What Developers Need to Know
• Teja Swaroop Mylavarapu: Intelligent and Predictive Failover: The Race Against Errors by Marching Towards Resiliency
• Adam Firestone: How I Learned to Stop Worrying and Love the Quantumpocalypse
• David Svoboda: Automated Repair of Static Analysis Alerts
• Steve McGeown: Good vs. Evil: AI Attack Mitigation Strategies
• Rick Linger: The Emerging Technology of Software Behavior Computation for Security and Correctness
• Larry Maccherone: A Developer’s Guide to Making a Deal with Security
• McKinley Sconiers-Hasan: Microservices and API Risks and Mitigations
• Amir Sharif: The Call Is Coming from Inside the House: API Abuse by Authenticated Users
• Lori Flynn and Will Klieber: Using LLMs to Adjudicate Static-Analysis Alerts
• Alex Vesy: Contract Programming: Formalizing APIs
• Clint Dovholuk: Protecting APIs with Zero Trust Overlay Mesh Networks
• Carol Woody: Meeting Challenges of Software Assurance and Supply Chain Risk Management