Software Engineering Institute (SEI) is marking 40 years as a cornerstone of advancing software as a strategic advantage for ...

This post summarizes the benefits, practices, and tools for using a modeling language and compares the capabilities of SysML and AADL for use in model-based systems engineering (MBSE).

This SEI Blog post describes efforts to develop fuzzy hashing, a technique to help analysts determine if two pieces of suspected malware are similar.

This SEI Blog post highlights the application of MDE tools for automatic code generation and provides a template for collecting information from MDE vendors.

The DevSecOps Platform-Independent Model gives instructions on creating, maintaining, and evolving DevSecOps pipelines.

Researchers, vendors, and government bodies gathered to share solutions for implementing a zero trust architecture.

As a vulnerability analyst at the CERT Coordination Center, I am interested not only in software vulnerabilities themselves, but also exploits and exploit mitigations.

A deepfake is a media file—image, video, or speech, typically representing a human subject—that has been altered deceptively using deep neural networks (DNNs) to alter a person’s identity. This ...

This blog post expands on concerns brought to light from recent UEFI attacks, such as BlackLotus, and highlights 5 recommendations to secure and restore trust in the UEFI ecosystem.

The SEI led the community in creating this multi-year research and development vision and roadmap for engineering next-generation software-reliant systems.

CERT/CC advisories are now part of the US-CERT National Cyber Awareness System. We provide these advisories, published by year, for historical purposes. This report details the description, impact, ...

The Insider Threat Test Dataset is a collection of synthetic insider threat test datasets that provide both background and malicious actor synthetic data.