SEI Shorts

SEI Shorts

In this SEI Cyber Minute, Alex Corn discusses how to protect systems using Secure Shell (SSH). SSH supports keys, which provide efficiency and security benefits.

SEI Shorts

In this SEI Cyber Minute, Bobbie Stempfley explains how in our increasingly complex world, the SEI is redefining approaches to security to address the transformative technologies being adopted throughout government and industry.

SEI Shorts

Suzanne Miller explains a pitfall that can occur during Agile implementation within complex, embedded systems and introduces a mindset to help reap the benefits of Agile and lean approaches throughout complex systems development.

SEI Shorts

September 2019 has been designated “National Insider Threat Awareness Month.” A number of federal agencies—including the FBI, Office of the Under Secretary of Defense for Intelligence, and Department of Homeland Security—have chosen September to spotlight the risks that insiders pose to national security.

SEI Shorts

Static analysis alerts about software code flaws require costly manual effort to validate and repair. As a result, organizations often severely limit the types of alerts they manually examine to the types of code flaws they most worry about. That approach results in a tradeoff where many True flaws may never get fixed. To make alert handling more efficient, the SEI developed and tested novel software that enables the rapid deployment of a method to classify alerts automatically and accurately.

SEI Shorts

In this SEI Cyber Minute, Ebonie McNeil explains how the Source Code Analysis Integrated Framework Environment or (SCAIFE) prototype is intended to be used by developers and analysts who manually audit alerts.

SEI Shorts

Threat-modeling methods provide an approach for identifying possible threats to a system and mitigating them. In this SEI Cyber Minute, Chris Alberts discusses the Security Engineering Risk Analysis (SERA) Method and the threats and risks that organizations can use it to model and plan for. In addition, Chris discusses the threat-modeling methods the SEI recently integrated into the SERA Method.

SEI Shorts

Confidence maps collect arguments or doubts about a claim, to which one can then apply a process of elimination to establish how much confidence someone can have that the claim is true. This SEI Cyber Minute gives an example that provides a practical explanation of the information that confidence maps take into consideration and how they work. It also provides a few examples of how the SEI has used them in the past to support certain projects.

SEI Shorts

The SEI works on projects that help computers (1) learn about the content that they store and (2) find pertinent information based on what they learn. One particular SEI project involves teaching computers to find clues in specification documents that can lead to the discovery of vulnerabilities without the help of analysts. This SEI Cyber Minute provides a quick overview of these kinds of projects and gives you information about how you can contact the SEI to collaborate on them.

SEI Shorts

At the SEI, we built an implementation of tactical cloudlets that we call KD-Cloudlet. Soldiers, emergency workers, field researchers, medics – really anyone who needs to be a cyber forager for computing resources -- can now use KD-Cloudlet to support mobile applications that: