Archive: 2020

7 Quick Steps to Using Containers Securely

• SEI Blog
Thomas Scanlon

Richard Laughlin coauthored this blog post. The use of containers in software development and deployment continues to trend upwards. There is good reason for this climb in usage as containers offer many benefits, such as being lightweight, modular, portable, and scalable, all while enabling rapid and flexible deployments with application isolation. However, as use of this technology increases, so does the likelihood that adversaries will target it as a means to compromise systems. Such concerns...

An Introduction to the Cybersecurity Maturity Model Certification (CMMC)

• SEI Blog
Katie C. Stewart

Andrew Hoover co-authored this blog post. A recent study predicted that business losses due to cybercrime will exceed $5 trillion by 2024. The threat to the Defense Industrial Base (DIB)—the network of more than 300,000 businesses, organizations, and universities that research, engineer, develop, acquire, design, produce, deliver, sustain, and operate military weapons systems—is especially alarming due to current cyber warfare activities by cybercriminals and state-sponsored actors. A cyber attack within the DIB supply chain could...

Situational Awareness for Cybersecurity Architecture: Network Visibility

• SEI Blog
Timur Snoke

Network compromises cannot be detected without visibility into the activities within assets. Network security analysts can view these activities in one of two places (or sometimes both): directly on the device by means of endpoint visibility and in the communications going to and from the device; in other words, on the network. In our earlier blog post on cyber situational awareness (SA) for the enterprise, we discussed endpoint visibility. In this post, we turn our...

Using Machine Learning to Detect Design Patterns

• SEI Blog
Robert Nord

This post was co-written by Zachary Kurtz. Software increasingly serves core DoD functions, such as ship and plane navigation, supply logistics, and real-time situational awareness. The complexity of software, however, makes it hard to evaluate software quality. The ability to evaluate software is critical both for software developers and for DoD program managers who are responsible for software acquisitions. The quality of software can make or break a program budget. Quality attributes such as reliability,...

Five Reasons the Cybersecurity Field Needs Trusted Data Sets and Meaningful Metrics

• SEI Blog
Bobbie Stempfley

Matthew Butkovic co-authored this blog post. Cybersecurity is a domain rich with data, but regrettably often only poor insights can be drawn from this richness. CISOs ask questions about how best to allocate resources to address threats, practitioners ask questions about how to measure the effectiveness of one solution over another, senior organizational leaders strive to identify and quantify organizational risks, and public officials work to inform organizational or national policy. Answers often involve anecdotes,...

Designing Trustworthy AI for Human-Machine Teaming

• SEI Blog
Carol Smith

Artificially intelligent (AI) systems hold great promise to empower us with knowledge and enhance human effectiveness. As Department of Defense (DoD) warfighters partner with AI systems more frequently, we will identify more opportunities to clarify the limits of AI and to set realistic expectations for these types of systems. As a senior research scientist in human-machine interaction at the SEI's Emerging Technology Center, I am working to further understanding of how humans and machines can...

Summarizing and Searching Video with Machine Learning

• SEI Blog
Edwin Morris

The U.S. relies on surveillance video to determine when activities of interest occur in a location that is under surveillance. Yet, because automated tools are not available to help analysts monitor real-time video or analyze archived video, analysts must dedicate full attention to video data streams to avoid missing important information about ongoing activities and patterns of life. In tactical settings, warfighters miss critical information that would improve situational awareness because dedicating full attention to...

Automated Code Repair to Ensure Memory Safety

• SEI Blog
Will Klieber

Memory-safety vulnerabilities are among the most common and most severe types of software vulnerabilities. In early 2019, a memory vulnerability in the iPhone iOS, reportedly exploited by the Chinese government, allowed attackers to take control of a phone when the user visited a malicious website. A similar vulnerability discovered in the Android Stagefright library allowed an attacker to gain control simply by sending a Multimedia Messaging Service (MMS) message to a vulnerable phone. For each...

System Resilience Part 5: Commonly-Used System Resilience Techniques

• SEI Blog
Donald Firesmith

If adverse events or conditions cause a system to fail to operate appropriately, they can cause all manner of harm to valuable assets. As I outlined in previous posts in this series, system resilience is important because no one wants a brittle system that cannot overcome the inevitable adversities. In the first post in this series, I addressed these questions by providing the following, more detailed, and nuanced definition of system resilience: A system is...

Engineering for Cyber Situational Awareness: Endpoint Visibility

• SEI Blog
Phil Groce

This post was co-written by Timur Snoke. In this post, we aim to help network security analysts understand the components of a cybersecurity architecture, starting with how we can use endpoint information to enhance our cyber situational awareness. Endpoints collect a wealth of information valuable for situational awareness, but too often this information goes underutilized....

System Resilience Part 4: Classifying System Resilience Techniques

• SEI Blog
Donald Firesmith

A system resilience technique is any architectural, design, or implementation technique that increases a system's resilience. These techniques (e.g., mitigations, such as redundancy, safeguards, and cybersecurity countermeasures) either passively resist adversities, actively detect adversities, react to them, or recover from the harm they cause. System resilience techniques are the means by which a system implements its resilience requirements. Resilience techniques can also be viewed as architecture, design, or implementation patterns or idioms. This post begins...

Programmer Moneyball: Challenging the Myth of Individual Programmer Productivity

• SEI Blog
Bill Nichols

A pervasive belief in the field of software engineering is that some programmers are much, much better than others (the times-10, or x10, programmer), and that the skills, abilities, and talents of these programmers exert an outsized influence on that organization's success or failure. This topic is the subject of my recent column in IEEE Software, The End to the Myth of Individual Programmer Productivity....

The Latest Work from the SEI: Penetration Testing, Artificial Intelligence, and Incident Management

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI reports, podcasts, conference papers, and webcasts highlighting our work in penetration testing, designing trustworthy AI, fielding AI-enabled systems in the public sector, incident management, machine learning in cybersecurity, and cyber hygiene. These publications highlight the latest work of SEI technologists in these areas. This post includes a listing of each publication, author(s), and...

System Resilience Part 3: Engineering System Resilience Requirements

• SEI Blog
Donald Firesmith

At its most basic level, system resilience is the degree to which a system continues to perform its mission in the face of adversity. While critical to operational continuity, the system's services (capabilities) are only some of the assets the system must protect to continue to perform its mission. The system must detect adversities, react to them, and recover from the harm to critical assets that they cause. System resilience at a deeper level is...

The Top 10 Blog Posts of 2019

• SEI Blog
Douglas C. Schmidt

Every January on the SEI Blog, we present the 10 most-visited posts of the previous year. This year's list of top 10 is presented in reverse order and features posts published between January 1, 2019, and December 31, 2019.

10. Evaluating Threat-Modeling Methods for Cyber-Physical Systems
9. Managing the Consequences of Technical Debt: 5 Stories from the Field
8. The Vectors of Code: On Machine Learning for Software
7. Business Email Compromise: Operation Wire Wire and New...
