search menu icon-carat-right cmu-wordmark

Archive: September 2020

8 Steps for Migrating Existing Applications to Microservices

8 Steps for Migrating Existing Applications to Microservices

• SEI Blog
Brent Frye

A 2018 survey found that 63 percent of enterprises were adopting microservice architectures. This widespread adoption is driven by the promise of improvements in resilience, scalability, time to market, and maintenance, among other reasons. In this blog post, I describe a plan for how organizations that wish to migrate existing applications to microservices can do so safely and effectively....

Read More
Balancing Cyber Confidence and Privacy Concerns

Balancing Cyber Confidence and Privacy Concerns

• SEI Blog
William Reed

This post was co-written by Dustin Updyke. An important part of an organization's cybersecurity posture includes the monitoring of network traffic for proactive cyber defense. While enterprise network operators are focusing on how best to secure their networks, users are simultaneously demanding more privacy. The trend toward implementing network protocols designed to improve personal privacy is now making it harder for organizations to protect enterprise networks. This blog post briefly describes these protocols and the...

Read More
Managing Static Analysis Alerts with Efficient Instantiation of the SCAIFE API into Code and an Automatically Classifying System

Managing Static Analysis Alerts with Efficient Instantiation of the SCAIFE API into Code and an Automatically Classifying System

• SEI Blog
Lori Flynn

Static analysis tools analyze code without executing it to identify potential flaws in source code. Since alerts may be false positives, engineers must painstakingly examine them to adjudicate if they are legitimate flaws. Automation is needed to reduce the significant manual effort that would be required to adjudicate all (or significantly more of) the alerts. Many tools produce a large number of alerts with high false-positive rates. Other tools produce alerts for only a limited...

Read More
The Latest Work from the SEI: Microservices, Ransomware, and Agile in Government

The Latest Work from the SEI: Microservices, Ransomware, and Agile in Government

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI reports, podcasts, conference papers, and webcasts highlighting our work in cybersecurity, the future of cybersecurity education, microservices, ransomware, Cybersecurity Maturity Model Certification (CMMC), and Agile in government. We have also included a webcast of a recent discussion on Department of Defense (DoD) software advances and future SEI work. These publications highlight the latest...

Read More