New Podcast Released: The Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2)
In this podcast, Jason Christopher and Nader Mehravari discuss how ES-C2M2 helps to improve the operational resilience and security of the U.S. power grid.
Operational Resilience Offers Key to Manage, Protect, and Sustain Organizations Through Disruptive Events
This free CERT virtual event helps organizations operationalize risk management.
New Podcast Released: Raising the Bar - Mainstreaming CERT C Secure Coding Rules
In this podcast, Robert Seacord describes the CERT-led effort to publish an ISO/IEC technical specification for secure coding rules for compilers and analyzers.
CERT Releases New CERT PGP Key
CERT has updated its PGP key. We strongly urge you to encrypt sensitive information.
New Podcast Released: Using the Cyber Resilience Review to Help Critical Infrastructures Better Manage Operational Resilience
In this podcast, Kevin Dillon and Matthew Butkovic discuss how the DHS Cyber Resilience Review helps critical infrastructure owners and operators improve their operational resilience and security.
Mead Named SEI Fellow
Nancy R. Mead, a principal researcher in the CERT Division, has been named an SEI Fellow.
Top 10 Coding Guidelines for Java
Members of the Secure Coding Team collaborated on a new book that helps highlight and remedy poor practices not addressed in the secure coding standard for Java.
Connect with the Software Assurance Education Community
The Software Assurance (SwA) Education Project team established the Software Assurance Education group on LinkedIn where you can participate with other educators.
Share Your Software Assurance Education Materials
The Software Assurance (SwA) Education Project team is looking for materials to share with educators interested in adopting elements of the software assurance curricula.
Keeping secrets from insiders likely to turn on you
Randy Trzeciak of the SEI's CERT Division lends perspective to the challenge of insider threat.
SEI's Nidiffer Honored by IEEE Computer Society
Kenneth Nidiffer, director of Strategic Planning for Government Programs at the SEI, has been recognized with an Outstanding Contribution Award by the Institute of Electrical and Electronics Engineers (IEEE) Computer Society.
Educators Gather at SEI for 10th Annual ACE Workshop
Software engineering educators from 14 leading institutions in the United States and abroad gathered from August 5-7, 2013, at the SEI’s Pittsburgh facility for the 10th annual Architecture-Centric Engineering (ACE) Workshop for Educators.
Matt Gaston Invited to U.S. Frontiers of Engineering Symposium
Matt Gaston, director of the SEI’s Emerging Technology Center, has been invited to participate in the 2013 U.S. Frontiers of Engineering Symposium. The symposium brings together 100 of the nation’s top engineers under the age of 45.
CERT Insider Threat Center Offers Free Online Event To Help Organizations Manage Insider Threats
Cybersecurity experts from the CERT Insider Threat Center at the Carnegie Mellon University Software Engineering Institute will present a free virtual event on current research aimed at establishing best practices to mitigate insider threats.
Townsend Talks Top 5 Cyber Intelligence Challenges at 2013 Spooks and Suits
Experts from SEI’s Emerging Technology Center recently outlined challenges and strategies to intelligence community and private sector at 2013 Spooks and Suits conference.
TSP Symposium 2013 Keynotes to Focus on Quality Practices for Critical Software
The Carnegie Mellon University Software Engineering Institute (SEI) has announced the slate of software engineering thought-leaders who will serve as keynote speakers for the Team Software Process (TSP) Symposium 2013.
SEI Team Probes the Public Safety Value of Social Media at Massive Outdoor Music Festival
edge analytics,edge programming,public safety,social media,sentiment analysis
Implement an MSwA Program or Track
Resources are available for faculty interested in creating a standalone Master of Software Assurance (MSwA) degree program or MSwA track.
SATURN 2013 Conference Draws Record Attendance
209 attendees representing 20 countries and 117 organizations convened in Minneapolis to explore numerous topics pertinent to practicing software architects at the SATURN 2013 Conference.
NSA Leak Ushers In New Era Of The Insider Threat
• Dark Reading reports how recent events have given business leaders fresh incentive to consider protecting themselves against insider threats.
Limiting Risks Found in the Cloud
GovInfoSecurity interviews the SEI CERT Program's Alex Nicoll and Dawn Cappelli on the approaches cloud computing providers must take to prevent their employees from stealing or harming the customer data they host.
How the Feds Have Tried to Fight Leaks (So Far)
Popular Mechanics looks at efforts by the Federal Government to address the problem of leaks. Among the tools at the government's disposal, Popular Mechanics cites a document tagger developed by the Insider Threat Center in the SEI's CERT Program.
CERT Experts Discuss Constructing a Secure Cyber Future at SEI Virtual Event
CERT Experts Discuss Constructing a Secure Cyber Future at SEI Virtual Event in April 2013. In his remarks, Pethia noted that attack technology is outpacing defense technology.
CERT Program Drafts Operational Guide and Hosts Symposium to Spur Better Health Information Exchange System Resilience
CERT Division researchers drafted a guide to enable health information exchanges (HIEs) to remain resilient during cybersecurity incidents and disruptions.
United States Secret Service Honors CERT Insider Threat Team Members
The United States Secret Service honored Randy Trzeciak and Todd Lewellen of the CERT Insider Threat Team for their contributions to law enforcement.
Search for Boston bombers likely relied on eyes, not software
The SEI's Todd Waits, a digital investigation and intelligence expert in the CERT Program, talks to Reuters about the potential use of facial-recognition technology in the investigation of the 2013 Boston Marathon bombing attack.
New Edition of Secure Coding in C and C++ Addresses Code Changes and New Threats
o address advances and changes in the C and C++ coding languages, and to address new threats faced by programmers working in these languages, SEI researcher Robert C. Seacord has authored Secure Coding in C and C++, Second Edition.
SEI Researchers Test Tactical-Edge Tools and Assess Real-World Stakeholder Challenges at JIFX
Earlier this year, a team from the Software Engineering Institute’s (SEI) Research, Technology, and Systems Solutions (RTSS) Program traveled to Camp Roberts to participate in the February 2013 JIFX event.
Cybersecurity Experts to Discuss How to Construct a Secure Cyber Future
On April 30, 2013, cybersecurity experts from the Carnegie Mellon University Software Engineering Institute (SEI) will present in a free, virtual event on current research and development aimed at securing an organization’s cyber future.
Calling All Software Engineers and Cybersecurity Pros: The SEI is Hiring
The SEI is currently hiring professionals who want to pursue their passion alongside world-recognized leaders in the field. If you’ve got the skills, join us at our invitational hiring event on Thursday and Friday, April 11-12, 2013, in Pittsburgh, Pa.
Software Assurance (SwA) Competency Model Published
The Software Assurance (SwA) Competency Model is a foundation for assessing and advancing the capability of software assurance professionals.
Software Assurance for Executives Course Materials Now Available
Software Assurance for Executives course materials provide guidance on all stages of the software assurance lifecycle and emerging topics such as cloud computing.
SEI to Co-Sponsor 25th Annual Software Technology Conference
The Software Engineering Institute (SEI) will co-sponsor the 2013 edition of the Software Technology Conference (STC 2013).
SEI Makes SMART Resources Freely Available
The SEI has made all of its SOA Migration, Adoption and Reuse Technique (SMART) resources freely available. The SEI often works to transition mature technologies and processes to the broad software engineering community.
Pittsburgh Tribune-Review: Cyberspace Offers New Frontier to Exploit Weaknesses, Initiate Attacks
The SEI's Marty Lindner lends perspective on the possibility of large-scale cyber attacks directed at the nation's infrastructure.
SATURN Conference Announces Speakers, Opens Registration
Registration for the ninth annual SEI Architecture Technology User Network (SATURN ) 2013 is now open. SATURN 2013 will take place in Minneapolis, Minnesota, from April 29-May 3 and will feature three keynote presentations by leaders in the field of soft
TEST SATURN 2012 Conference Registration Now Open
Registration is now open for the SATURN 2012 Conference, the SEI’s annual event dedicated exclusively to software, systems, and enterprise architecture.
SEI Virtual Event Showcases Value of System Quality Attributes
On January 16, 2013, senior researchers from the Software Engineering Institute (SEI) hosted “Architecting in a Complex World.” The SEI researchers explored ways to overcome challenging aspects of complexity.
Forbes, Intel Highlight Recent SEI Books
Two SEI books published in 2012 recently earned favorable notice, one from Forbes Magazine and the other from Intel Corporation.
Kevin Fall to Join SEI as Chief Technology Officer
Kevin R. Fall, a computer scientist and engineer with broad experience in government and industry, will join the Carnegie Mellon University Software Engineering Institute (SEI) January 30 as deputy director for research and chief technology officer.
CMMI Services To Be Provided Through New CMMI Institute
Carnegie Mellon University has formed a new institute to provide services related to the Capability Maturity Model Integration (CMMI). The new CMMI Institute manages all CMMI training, certification, licensing, appraisal services, and model development.
SC Magazine: Danger Within: Insider Threat
Dawn Cappelli of the CERT Insider Threat Center discusses how technical and non-technical controls can help organizations effectively mitigate malicious activity.
CERT Secure Coding Initiative Tackles Standard for Perl
Having successfully coordinated projects that resulted in secure coding standards for the C, C++, and Java programming languages, the CERT Secure Coding Initiative has unveiled work on a draft standard for Perl.
GovInfoSecurity - Insider Threat: Emerging Risks
Dawn Cappelli and Randy Trzeciak of the SEI CERT Insider Threat Center discuss their new book, the CERT Guide to Insider Threats and an emerging trend in which the malicious outsider is taking advantage of an inadvertent insider.
New CERT Tools Help Programmers Find, Avoid Vulnerabilities
The SEI’s CERT Program has released three software testing tools to help software engineers more options to identify and correct security vulnerabilities before the software ships.
ThreadStrong's Secure Application Development E-Learning Classes
Denim Group donated its ThreadStrong secure software development courses to U.S. universities to help students learn how to build more secure software.
Gregory Shannon Testifies Before House Committee about Cybersecurity Best Practices
Gregory Shannon testified before the House Energy and Commerce Subcommittee on Communications and Technology on Wednesday, March 28, 2012.
InformationWeek: 10 Best Ways to Stop Insider Attacks
InformationWeek's top 10 tips for battling insider threat.
2011 Cybersecurity Watch Survey: Organizations Need More Skilled Cyber Professionals to Stay Secure
According to the 2011 cybersecurity watch survey, more attacks are committed by outsiders but attacks by insiders are viewed to be the most costly to organizations.
CERT Team Improves Security in the New ISO/IEC C Programming Language Standard
The CERT Secure Coding Team made key contributions to security features in the new ISO/IEC standard for the C programming language.