News

Software Engineering Institute11d

40 years of Advancing Software for National Security

Software Engineering Institute (SEI) is marking 40 years as a cornerstone of advancing software as a strategic advantage for ...
Software Engineering Institute5mon

Zero Trust Industry Days Starts Critical Conversation

Researchers, vendors, and government bodies gathered to share solutions for implementing a zero trust architecture.
sei.cmu8mon

CMMC Program Safeguards Information in the Defense Industrial Base

On December 16, 2024, 32 CFR Part 170 established the Cybersecurity Maturity Model Certification (CMMC) Program. The milestone marked a major transition for one of the SEI’s most impactful projects. A ...
sei.cmu8mon

The Personal Software Process (PSP) - SEI Digital Library

The Personal Software Process (PSP) provides engineers with a disciplined personal framework for doing software work. The PSP process consists of a set of methods, forms, and scripts that show ...
sei.cmu9mon

Introduction to MLOps: Bridging Machine Learning and Operations

Machine learning operations (MLOps) has emerged as a critical discipline in artificial intelligence and data science. This post introduces MLOps and its applications.
sei.cmu1y

Auditing Bias in Large Language Models - SEI Blog

How do you analyze a large language model (LLM) for harmful biases? The 2022 release of ChatGPT launched LLMs onto the public stage. Applications that use LLMs are suddenly everywhere, from customer ...
sei.cmu1y

Measurement Challenges in Software Assurance and Supply Chain Risk ...

This SEI Blog post examines the current state of measurement in software assurance and supply chain management, with a particular focus on open source software, and highlights promising measurement ...
sei.cmu1y

10 Lessons in Security Operations and Incident Management

This post outlines 10 lessons learned from more than three decades of building incident response and security teams throughout the globe.
Software Engineering Institute1y

History of Innovation at the SEI

Since its inception in 1984, the SEI has worked to make software do more, be more secure, deploy faster, and cost less; improving software systems vital to national defense and the broader information ...
sei.cmu1y

Insider Threat Program Evaluation - SEI Digital Library

The Insider Threat Program Evaluation (ITPE) is an evidence-based, capability-level assessment. The ITPE is designed to benchmark an organization's insider threat program against a reference model ...
sei.cmu2y

UEFI: 5 Recommendations for Securing and Restoring Trust

This blog post expands on concerns brought to light from recent UEFI attacks, such as BlackLotus, and highlights 5 recommendations to secure and restore trust in the UEFI ecosystem.
sei.cmu2y

The Challenge of Adversarial Machine Learning - SEI Blog

This SEI Blog post examines how machine learning systems can be subverted through adversarial machine learning, the motivations of adversaries, and what researchers are doing to mitigate their attacks ...