Software Engineering Institute (SEI) Podcast Series

By Members of Technical Staff at the Software Engineering Institute

Technology Education

What's Software Engineering Institute (SEI) Podcast Series about?

Software Engineering Institute (SEI) Podcast Series

Download our free app to listen on your phone

LAST EPISODE

My Story in Computing with ...

04.29.2021

In this SEI Podcast, the latest in the “My Story in Computing” series, which explores the unique paths people take into the field of computing, David Zubrow discusses his path from a PhD in applied history and social sciences and ...

Software Engineering Institute (SEI) Podcast Series episodes:

04.29.2021 My Story in Computing with David Zubrow In this SEI Podcast, the latest in the “My Story in Computing” series, which explores the unique paths people take into the field of computing, David Zubrow discusses his path from a PhD in applied history and social sciences and ...
04.23.2021 Mission-Based Prioritization: A New Method for Prioritizing Agile Backlogs In this SEI Podcast, Keith Korzec discusses the Mission-Based Prioritization method for prioritizing Agile backlogs. This method overcomes the shortcomings of prioritization based on “weighted shortest job first” and utilizes objective, mission-focused criteria while allowing ongoing re-prioritization to be conducted ...
04.09.2021 My Story in Computing with Carol Smith Those who work in computing today bring a wide array of backgrounds and experiences to the profession. In this podcast, part of the My Story in Computing series, learn how Carol Smith, who trained as a photojournalist, discusses how a ...
03.16.2021 Digital Engineering and DevSecOps Digital engineering is an integrated digital approach that uses authoritative sources of systems data and models as a continuum across disciplines to support lifecycle activities from concept through disposal. In this SEI Podcast, David Shepard, a software developer with the ...
03.09.2021 A 10-Step Framework for Managing Risk Brett Tucker, technical manager for cyber risk in the SEI CERT Division, discusses the Operationally Critical Threat, Asset, and Vulnerability Evaluation for the Enterprise (OCTAVE FORTE) Model, which helps organizations evaluate security risks and use principles of enterprise risk management ...
02.23.2021 7 Steps to Engineer Security into Ongoing and Future Container Adoption Efforts If organizations take more steps to address security-related activities now, they will be less likely to encounter security incidents in the future. When it comes to application containers, security is achieved through adopting a series of best practices and guidelines. ...
02.16.2021 Ransomware: Evolution, Rise, and Response In this SEI Podcast, Marisa Midler and Tim Shimeall, network defense analysts within the SEI's CERT Division, discuss the growing problem of ransomware including the rise of ransomware as a service threats. Midler and Shimeall also discuss steps and strategies ...
01.21.2021 VINCE: A Software Vulnerability Coordination Platform To scale communications and increase collaboration between vulnerability reporters, coordinators, and software vendors, the CERT/CC team has created a web-based platform for software vulnerability reporting and coordination, the Vulnerability Information and Coordination Environment (VINCE). Emily Sarneso, the architect of VINCE, ...
01.06.2021 Work From Home: Threats, Vulnerabilities, and Strategies for Protecting Your Network Phil Groce, a senior network defense analyst in the CERT Division of the Carnegie Mellon University Software Engineering Institute, discusses the security implications of this dramatic increase in the number of people in organizations who are working from home, examines ...
12.08.2020 An Introduction to CMMC Assessment Guides The Cybersecurity Maturity Model Certification (CMMC) defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of ...
12.07.2020 The CMMC Level 3 Assessment Guide: A Closer Look The Cybersecurity Maturity Model Certification (CMMC) for Defense Industrial Base suppliers defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI podcast, Andrew Hoover ...
12.07.2020 The CMMC Level 1 Assessment Guide: A Closer Look The Cybersecurity Maturity Model Certification (CMMC) for Defense Industrial Base (DIB) suppliers defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, Andrew ...
11.24.2020 Achieving Continuous Authority to Operate (ATO) Authority to Operate (ATO) is a process that certifies a system to operate for a certain period of time by evaluating the risk of the system's security controls. In this podcast, Shane Ficorilli and Hasan Yasar, both with the Carnegie ...
11.09.2020 Challenging the Myth of the 10x Programmer A pervasive belief in software engineering is that some programmers are much, much better than others (the times-10, or 10x, programmer), and that the skills, abilities, and talents of these programmers exert an outsized influence on that organizations’ success or ...
10.27.2020 A Stakeholder-Specific Approach to Vulnerability Management CERT vulnerability researchers Eric Hatleback, Allen Householder, and Dr. Jonathan Spring present an alternative system for vulnerability categorization, Stakeholder-Specific Vulnerability Categorization (SSVC) and also take audience members through a sample scoring vulnerability. SSVC takes the form of decision trees for ...
10.13.2020 Optimizing Process Maturity in CMMC Level 5 The Cybersecurity Maturity Model Certification (CMMC) for Defense Industrial Base (DIB) suppliers defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, Andrew ...
10.07.2020 Reviewing and Measuring Activities for Effectiveness in CMMC Level 4 When fully implemented, CMMC will require all DIB companies to achieve certification at one of the five CMMC levels, which includes both technical security practices and maturity processes. In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of the ...
09.30.2020 Situational Awareness for Cybersecurity: Beyond the Network Situational awareness makes it possible to get relevant information from across an organization, to integrate that information, and to disseminate it to help leaders make more informed decisions. In this SEI Podcast, Angela Horneman and Timothy Morrow discuss the importance ...
09.17.2020 Quantum Computing: The Quantum Advantage In this episode, the latest from the SEI Podcast Series, Dr. Jason Larkin, a researcher in the SEI's Emerging Technology Center, discusses the quantum advantage and the challenges of working in the NISQ era. Dr. Larkin also provides a list ...
09.02.2020 CMMC Scoring 101 Andrew Hoover and Katie Stewart, architects of the Cybersecurity Maturity Model Certification (CMMC), discuss how assessed Defense Industrial Base organizations are scored according to the model.
08.17.2020 Developing an Effective CMMC Policy The Cybersecurity Maturity Model Certification (CMMC) for the Defense Industrial Base (DIB) defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, Andrew ...
08.12.2020 Developing an Effective CMMC Policy The Cybersecurity Maturity Model Certification (CMMC) for the Defense Industrial Base (DIB) defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, Andrew ...
08.10.2020 The Future of Cyber: Educating the Cybersecurity Workforce In the latest episode of our Future of Cyber Podcast Series, Bobbie Stempfley, director of the SEI’s CERT Division, interviews Dr. Diana Burley, executive director and chair of the Institute for Information Infrastructure Protection, or I3P, and vice provost for ...
07.30.2020 Documenting Process for CMMC In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of the Cybersecurity Maturity Model Certification (CMMC), discuss process documentation, a Level 2 requirement.
07.20.2020 Agile Cybersecurity With the current cyber threat climate, the demand for cybersecurity is growing but existing compliance processes focus on a completed product and do not support incremental delivery. Cybersecurity must be carefully woven into each increment deliver results with sufficient security ...
07.01.2020 CMMC Levels 1-3: Going Beyond NIST SP-171 The Cybersecurity Maturity Model Certification (CMMC) defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of ...
06.15.2020 The Future of Cyber: Secure Coding In this episode of the Future of Cyber, Bobbie Stempfley, director of the CERT Division of the SEI, explores the future of secure coding with Steve Lipner, the executive director of SAFECode and former director of software security at Microsoft, ...
05.28.2020 Challenges to Implementing DevOps in Highly Regulated Environments In this SEI podcast, Hasan Yasar and Jose Morales discuss challenges to implementing DevOps in highly regulated environments (HREs), exploring issues such as environment parity, the approval process, and compliance. This podcast is the second to explore DevOps in HREs.
05.07.2020 The Future of Cyber: Cybercrime The Future of Cyber Podcast Series explores whether we can use the innovations of the past to address the problems of the future. In this SEI Podcast, David Hickton, founding director of the University of Pittsburgh Institute for Cyber Law, ...
04.28.2020 An Ethical AI Framework As a senior research scientist in human-machine interaction at the SEI's Emerging Technology Center, Carol Smith works to understand how humans and machines can better collaborate to solve important problems and also understand our responsibilities and how that work continues ...
04.13.2020 My Story in Computing: Madison Quinn Oliver Those who work in computing today bring a wide array of backgrounds and experiences to the profession. In this podcast learn how Madison Quinn Oliver, who wanted to work at Carnegie Mellon University since childhood, relied on a strong work ...
03.26.2020 The CERT Guide to Coordinated Vulnerability Disclosure In this podcast, Allen Householder and David Warren discuss the CERT Guide to Coordinated Vulnerability Disclosure, which is intended for use by security researchers, software vendors, and other stakeholders in navigating the complexities of informing others about security vulnerabilities.
03.11.2020 Women in Software and Cybersecurity: Dr. April Galyardt Dr. April Galyardt, a machine learning research scientist at the SEI, discusses her career journey, challenges, and lessons learned along the way. This episode is the latest installment in our series highlighting the work of women in software and cybersecurity.
02.26.2020 The Future of Cyber: Security and Privacy Dr. Lorrie Faith Cranor, director of CyLab, sits down with Bobbie Stempfley, director of the SEI’s CERT Division, to talk about the future of cyber in security and privacy.
02.14.2020 The Future of Cyber: Security and Resilience In this podcast, the first in a series exploring The Future of Cyber, Bobbie Stempfley, director of the CERT Division of the SEI, and Dr. Michael McQuade, vice-president for research at Carnegie Mellon University, explore past and present technologies that ...
02.07.2020 Reverse Engineering Object-Oriented Code with Ghidra and New Pharos Tools Jeff Gennari and Cory Cohen discuss updates to the Pharos Binary Analysis Framework in GitHub, including a new plug-in to import OOAnalyzer analysis into the NSA's recently released Ghidra software reverse engineering tool suite.
01.29.2020 Women in Software and Cybersecurity: Dr. Carol Woody Dr. Carol Woody discusses the career path that led to her current role as technical manager for the Cybersecurity Engineering (CSE) team in the SEI’s CERT Division.
12.17.2019 Benchmarking Organizational Incident Management Practices In this SEI Podcast, Robin Ruefle and Mark Zajicek discuss recent work that provides a baseline or benchmark of incident management practices for an organization and detail how important it is to focus on preparation for incident management along with ...
12.11.2019 Machine Learning in Cybersecurity: 7 Questions for Decision Makers April Galyardt, Angela Horneman, and Jonathan Spring discuss seven key questions that managers and decision makers should ask about machine learning to effectively solve cybersecurity problems.
11.26.2019 Women in Software and Cybersecurity: Kristi Roth In this SEI Podcast, Kristi Roth, a summer 2019 intern in the Software Solutions Division at the Software Engineering Institute, discusses the path that led from a childhood spent calculating math problems in her head to a high school Introduction ...
11.12.2019 Human Factors in Software Engineering Solving the technical aspects isn’t enough to build reliable, enduring, resilient software and systems. Human decision making, behavioral factors, and cultural factors influence software engineering, acquisition, and cybersecurity. In this SEI Podcast roundtable, Andrew Mellinger, Suzanne Miller, and Hasan Yasar ...
10.15.2019 Women in Software and Cybersecurity: Anita Carleton In this SEI Podcast, Anita Carleton discusses the career path that led to her current role as acting director of the SEI’s Software Solutions Division and the challenges and mentors (Watts Humphrey) that she encountered along the way.
10.04.2019 Improving the Common Vulnerability Scoring System In this podcast, the authors discuss a 2019 paper that outlines challenges with the Common Vulnerability Scoring System (CVSS) and proposes changes to improve it.
10.01.2019 Why Software Architects Must Be Involved in the Earliest Systems Engineering Activities Software by its nature spans physical items: it provides the inter-system communication that has a direct influence on most capabilities, and thus must be architected intelligently, especially when pieces are built by different contractors. As Dr. Sarah Sheard discusses in ...
09.24.2019 Selecting Metrics for Software Assurance In this podcast, Dr. Carol Woody discusses the selection of metrics for measuring the software assurance of a product as it is developed and delivered to function in a specific system context.
09.18.2019 AI in Humanitarian Assistance and Disaster Response In 2017 and 2018, the world witnessed a record number of climate and weather-related disasters. Government agencies are increasingly interested in the use of artificial intelligence (AI) to help first responders in locating survivors, identifying structures in satellite imagery, and ...
08.30.2019 The AADL Error Library: 4 Families of Systems Errors In this SEI Podcast, researchers Peter Feiler and Sam Procter present the Architecture Analysis and Design Language (AADL) EMV2 Error Library, which is an established taxonomy that draws on a broad range of previous work in classifying system errors.
08.22.2019 Women in Software and Cybersecurity: Suzanne Miller As a principle researcher at the SEI, Suzanne Miller works to help the Department of Defense develop and field software to the warfighter. In this SEI Podcast, the latest in a series highlighting the work of women in software and ...
07.29.2019 Privacy in the Blockchain Era In this SEI Podcast, Dr. Giulia Fanti, an assistant professor of Electrical and Computer Engineering at Carnegie Mellon University, discusses her latest research including privacy problems in the cryptocurrency and blockchain space and generative adversarial networks.
07.25.2019 Cyber Intelligence: Best Practices and Biggest Challenges Cyber Intelligence is a rapidly changing field, and many organizations do not have the people, time, and funding in place to build a cyber intelligence team, according to a report released in late May by the SEI’s Emerging Technology Center. ...

Older episodes

Software Engineering Institute (SEI) Podcast Series

What's Software Engineering Institute (SEI) Podcast Series about?

Download our free app to listen on your phone

Software Engineering Institute (SEI) Podcast Series episodes:

My Story in Computing with David Zubrow

Mission-Based Prioritization: A New Method for Prioritizing Agile Backlogs

My Story in Computing with Carol Smith

Digital Engineering and DevSecOps

A 10-Step Framework for Managing Risk

7 Steps to Engineer Security into Ongoing and Future Container Adoption Efforts

Ransomware: Evolution, Rise, and Response

VINCE: A Software Vulnerability Coordination Platform

Work From Home: Threats, Vulnerabilities, and Strategies for Protecting Your Network

An Introduction to CMMC Assessment Guides

The CMMC Level 3 Assessment Guide: A Closer Look

The CMMC Level 1 Assessment Guide: A Closer Look

Achieving Continuous Authority to Operate (ATO)

Challenging the Myth of the 10x Programmer

A Stakeholder-Specific Approach to Vulnerability Management

Optimizing Process Maturity in CMMC Level 5

Reviewing and Measuring Activities for Effectiveness in CMMC Level 4

Situational Awareness for Cybersecurity: Beyond the Network

Quantum Computing: The Quantum Advantage

CMMC Scoring 101

Developing an Effective CMMC Policy

Developing an Effective CMMC Policy

The Future of Cyber: Educating the Cybersecurity Workforce

Documenting Process for CMMC

Agile Cybersecurity

CMMC Levels 1-3: Going Beyond NIST SP-171

The Future of Cyber: Secure Coding

Challenges to Implementing DevOps in Highly Regulated Environments

The Future of Cyber: Cybercrime

An Ethical AI Framework

My Story in Computing: Madison Quinn Oliver

The CERT Guide to Coordinated Vulnerability Disclosure

Women in Software and Cybersecurity: Dr. April Galyardt

The Future of Cyber: Security and Privacy

The Future of Cyber: Security and Resilience

Reverse Engineering Object-Oriented Code with Ghidra and New Pharos Tools

Women in Software and Cybersecurity: Dr. Carol Woody

Benchmarking Organizational Incident Management Practices

Machine Learning in Cybersecurity: 7 Questions for Decision Makers

Women in Software and Cybersecurity: Kristi Roth

Human Factors in Software Engineering

Women in Software and Cybersecurity: Anita Carleton

Improving the Common Vulnerability Scoring System

Why Software Architects Must Be Involved in the Earliest Systems Engineering Activities

Selecting Metrics for Software Assurance

AI in Humanitarian Assistance and Disaster Response

The AADL Error Library: 4 Families of Systems Errors

Women in Software and Cybersecurity: Suzanne Miller

Privacy in the Blockchain Era

Cyber Intelligence: Best Practices and Biggest Challenges

Other shows like Software Engineering Institute (SEI) Podcast Series: