Claim OwnershipSoftware Engineering Institute (SEI) Podcast Series
Подписка оформлена: 580Воспроизведенные: 5,838
Подписаться
© http://www.sei.cmu.edu/legal/
Описание
The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.
431 Episodes
Reverse
Containerization allows developers to run individual software applications in an isolated, controlled, repeatable way. With the increasing prevalence of cloud computing environments, containers are providing more and more of their underlying architecture. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Sasank Venkata Vishnubhatla and Maxwell Trdina, both engineers in the SEI CERT Division, sit down with Tim Chick, technical manager of the Applied Systems Group, to explore issues surrounding containerization, including recent vulnerabilities.
Software cost estimation is an important first step when beginning a project. It addresses important questions regarding budget, staffing, scheduling, and determining if the current environment will support the project. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Anandi Hira, a data scientist on the SEI’s Software Engineering Measurement and Analysis team sits down with Bill Nichols, principal engineer and SEI data science team lead, to discuss software cost estimation including various metrics, best practices, and common challenges when developing or building a model.
One of the biggest challenges in collecting cybersecurity metrics is scoping down objectives and determining what kinds of data to gather. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Bill Nichols, who leads the SEI’s Software Engineering Measurements and Analysis Group, discusses the importance of cybersecurity measurement, what kinds of measurements are used in cybersecurity, and what those metrics can tell us about cyber systems.
To make secure software by design a reality, engineers must intentionally build security throughout the software development lifecycle. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Timothy A. Chick, technical manager of the Applied Systems Group in the SEI’s CERT Division, discusses building, designing, and operating secure systems.
1 Harmful biases in large language models (LLMs) make AI less trustworthy and secure. Auditing for biases can help identify potential solutions and develop better guardrails to make AI safer. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Katie Robinson and Violet Turri, researchers in the SEI’s AI Division, discuss their recent work using role-playing game scenarios to identify biases in LLMs.
In the wake of widespread adoption of artificial intelligence (AI) in critical infrastructure, education, government, and national security entities, adversaries are working to disrupt these systems and attack AI-enabled assets. With nearly four decades in vulnerability management, the Carnegie Mellon University Software Engineering Institute (SEI) recognized a need to create an entity that would identify, research, and identify mitigation strategies for AI vulnerabilities to protect national assets against traditional cybersecurity, adversarial machine learning, and joint cyber-AI attacks. In this SEI podcast, Lauren McIlvenny, director of threat analysis in the SEI’s CERT Division, discusses best practices and lessons learned in standing up an AI Security Incident Response Team (AISIRT).
The exposed and public nature of application programming interfaces (APIs) come with risks including the increased network attack surface. Zero trust principles are helpful for mitigating these risks and making APIs more secure. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), McKinley Sconiers-Hasan, a solutions engineer in the SEI CERT Division, discusses three API risks and how to address them through the lens of zero trust.
How can we effectively use large language models (LLMs) for cybersecurity tasks? In this Carnegie Mellon University Software Engineering Institute podcast, Jeff Gennari and Sam Perl discuss applications for LLMs in cybersecurity, potential challenges, and recommendations for evaluating LLMs.
Capability-Based Planning (CBP) defines a framework that has an all-encompassing view of existing abilities and future needs for strategically deciding what is needed and how to effectively achieve it. Both business and government acquisition domains use CBP for financial success or to design a well-balanced defense system. The definitions understandably vary across these domains. In this SEI podcast, Anandi Hira, a data scientist, and William R. Nichols, an initiative lead for Software Engineering Measurement and Analysis, introduce CBP and its use and application in software acquisition.
What can the recently discovered vulnerabilities related to Rust tell us about the security of the language? In this podcast from the Carnegie Mellon University Software Engineering Institute, David Svoboda discusses two vulnerabilities, their sources, and how to mitigate them.
Cybersecurity risks aren’t just a national concern. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), the CERT division’s Tracy Bills, senior cybersecurity operations researcher and team lead, and James Lord, security operations technical manager, discuss the SEI’s work developing Computer Security Incident Response Teams (CSIRTs) across the globe.
Developers know that static analysis helps make code more secure. However, static analysis tools often produce a large number of false positives, hindering their usefulness. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Svoboda, a software security engineer in the SEI’s CERT Division, discusses Redemption, a new open source tool from the SEI that automatically repairs common errors in C/C++ code generated from static analysis alerts, making code safer and static analysis less overwhelming.
Not all paths to cybersecurity careers look the same. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Randy Trzeciak, deputy director of cyber risk and resilience in the SEI’s CERT division, discusses his career journey, resources for pursuing a career in cybersecurity, and the importance of building a diverse workforce.
Sam Procter started out studying computer science at the University of Nebraska, but he didn’t love it. It wasn’t until he took his first software engineering course that he knew he’d found his career path. In this podcast from the Carnegie Mellon University Software Engineering Institute, Sam Procter discusses the early influences that shaped his career, the importance of embracing different types of diversity in his research and work, and the value of a work-life balance.
With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.
In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Ware, a senior cybersecurity engineer in the SEI’s CERT Division, discusses her career path, the value of mentorship, and the importance of diversity in cybersecurity.
In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Suzanne Miller, a principal researcher in the SEI’s Software Solutions Division, discusses her career path, the value of mentorship, and the importance of diversity in software engineering.
Across the globe, women account for less than 30 percent of professionals in technical fields. That number drops to 22 percent in the field of Artificial Intelligence (AI). In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Violet Turri, a software developer in the SEI’s AI Division, discusses the evolution of her career in AI and the importance of diversity in the field.
At the request of the White House, the Office of the Director of National Intelligence (ODNI) began exploring use cases for large language models (LLMs) within the Intelligence Community (IC). As part of this effort, ODNI sponsored the Mayflower Project at Carnegie Mellon University’s Software Engineering Institute (SEI) from May 2023 through September 2023. The Mayflower Project attempted to answer the following questions: How might the IC set up a baseline, stand-alone LLM? How might the IC customize LLMs for specific intelligence use cases? How might the IC evaluate the trustworthiness of LLMs across use cases? In this SEI Podcast, Shannon Gallagher, AI engineering team lead, and Rachel Dzombak, special advisor to the director of the SEI’s AI Division, discuss the findings and recommendations from the Mayflower Project and provides additional background information about LLMs and how they can be engineered for national security use cases.
Modern software engineering practices of Agile and DevSecOps have provided a foundation for producing working software products faster and more reliably than ever before. Far too often, however, these practices do not address the non-software concerns of business mission and capability delivery even though these concerns are critical to the successful delivery of a software product. Through our work with government organizations, we have found that expanding DevSecOps beyond product development enables other teams to increase their capabilities and improve their processes. Agile methodologies are also being used for complex system and hardware developments. In this podcast from the Carnegie Mellon University Software Engineering Institute, Lyndsi Hughes, a senior systems engineer and David Sweeney, an associate software developer, both with the SEI CERT Division, share their experiences leveraging DevSecOps pipelines in atypical situations in support of teams focused on the capability delivery and business mission for their organizations.
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
Загрузить из Google Play
Загрузить из App Store
United States
Thankful to you for sharing the information. It is helpful for students Whether it's essays, research papers, presentations, or any academic task, our experienced team ensures meticulous research, clear analysis, and original content tailored to your requirements. We understand the pressures of academic life and offer a seamless process from order placement to submission. For more info visit https://ukwritings.com/do-my-assignment With a commitment to quality, confidentiality, and on-time delivery, we guarantee peace of mind and academic success. Let us handle your assignments with professionalism and care, allowing you to focus on other priorities.