Software Engineering Institute (SEI) Podcast Series

By Members of Technical Staff at the Software Engineering Institute

Technology

What's Software Engineering Institute (SEI) Podcast Series about?

Download our free app to listen on your phone

LAST EPISODE

Walking Fast Into the Futur...

12.03.2021

Nickolas Guertin, a senior systems engineer with the SEI’s Software Solutions Division, and Douglas Schmidt, associate provost of research at Vanderbilt University and former chief technical officer at the SEI, discuss strategies for creating architectures for large-scale, complex systems that ...

Software Engineering Institute (SEI) Podcast Series episodes:

12.03.2021 Walking Fast Into the Future: Evolvable Technical Reference Frameworks for Mixed-Criticality Systems Nickolas Guertin, a senior systems engineer with the SEI’s Software Solutions Division, and Douglas Schmidt, associate provost of research at Vanderbilt University and former chief technical officer at the SEI, discuss strategies for creating architectures for large-scale, complex systems that ...
11.18.2021 Software Engineering for Machine Learning: Characterizing and Understanding Mismatch in ML Systems Mismatches between the perspectives and practices of the roles involved in the development and fielding of ML systems can affect their ability to achieve their intended missions. In this SEI Podcast, Grace Lewis, a principal researcher and lead for the ...
11.11.2021 A Discussion on Automation with Watts Humphrey Award Winner Rajendra Prasad In this SEI Podcast, Mike Konrad, a principal researcher in the SEI's Software Solutions Division, talks with 2020 IEEE Computer Society SEI Watts Humphrey Software Quality Award winner Rajendra Prasad of Accenture about automation and how SEI-developed process improvement methods ...
11.03.2021 Enabling Transition From Sustainment to Engineering Within the DoD In this podcast, Thomas Evans, a senior software architect at Carnegie Mellon University's Software Engineering Institute, and Douglas C. Schmidt, associate provost of research at Vanderbilt University and former chief technical officer at the SEI, discuss the challenges that software ...
10.25.2021 The Silver Thread of Cyber in the Global Supply Chain The global supply chain touches every aspect of our lives, from fuel prices to the availability of computer chips and supermarket products. In out latest podcast, Matt Butkovic, technical director of risk and resilience at Carnegie Mellon University’s Software Engineering ...
10.15.2021 Measuring DevSecOps: The Way Forward DevSecOps practices, made possible by improvements in underlying technology that automate the development-to-production pipeline, can generate more information about development and operational performance than has ever been readily available before. In this SEI Podcast, Bill Nichols and Hasan Yasar, both ...
09.23.2021 Bias in AI: Impact, Challenges, and Opportunities In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Smith, a senior research scientist in human-machine interaction, and Jonathan Spring, a senior vulnerability researcher, discuss the hidden sources of bias in artificial intelligence (AI) systems and how ...
09.17.2021 My Story in Computing with Rachel Dzombak In this SEI Podcast in the “My Story in Computing” series, Rachel Dzombak discusses her journey integrating biomedical, mechanical, and civil engineering to her current leadership role at the SEI as digital transformation lead in artificial-intelligence (AI) engineering.
09.09.2021 Agile Strategic Planning: Concepts and Methods for Success Incorporating agile principles into strategic planning and execution is a highly effective way to drive strategy development, strategy execution, data-driven decision making, and results. In this SEI Podcast, Linda Parker Gates, initiative lead of Software Acquisition Pathways, and Suzanne Miller, ...
08.24.2021 Applying Scientific Methods in Cybersecurity In this SEI Podcast, Dr. Leigh Metcalf and Dr. Jonathan Spring, both researchers with the Carnegie Mellon University Software Engineering Institute’s CERT Division, discuss the application of scientific methods to cybersecurity. As described in their recently published book, Using Science ...
08.13.2021 Zero Trust Adoption: Benefits, Applications, and Resources Zero trust adoption is a security initiative that an enterprise must understand, interpret, and implement. In this SEI Podcast, Geoff Sanders, a senior network defense analyst in the CERT Division at Carnegie Mellon University's Software Engineering Institute, discusses zero trust ...
08.06.2021 Uncertainty Quantification in Machine Learning: Measuring Confidence in Predictions In this SEI Podcast, Dr. Eric Heim, a senior machine learning research scientist at the Software Engineering Institute at Carnegie Mellon University, discusses the quantification of uncertainty in machine-learning (ML) systems. ML systems can make wrong predictions and give inaccurate ...
07.29.2021 11 Rules for Ensuring a Security Model with AADL and Bell–LaPadula Aaron Greenhouse, a senior architecture researcher with Carnegie Mellon University’s Software Engineering Institute, talks with principal researcher Suzanne Miller about the use of the Bell–LaPadula mathematical security model in concert with the Architecture Analysis and Design Language (AADL) to model ...
07.23.2021 Benefits and Challenges of Model-Based Systems Engineering Nataliya (Natasha) Shevchenko and Mary Popeck, both senior researchers in the CERT Division at Carnegie Mellon University’s Software Engineering Institute, discuss the use of model-based systems engineering (MBSE), which, in contrast to document-centric engineering, puts models at the center of ...
07.16.2021 Fostering Diversity in Software Engineering In this SEI Podcast, Grace Lewis hosts a panel discussion with Ipek Ozkaya, Nathan West, and Jay Palat about diversity in software engineering. The panelists, all researchers with the Carnegie Mellon University Software Engineering Institute, share their perspectives about their ...
06.24.2021 Can DevSecOps Make Developers Happier? Author Daniel H. Pink recently examined factors that lead to job satisfaction among knowledge workers and summarized them in three components: autonomy, skill mastery, and purpose. In this SEI Podcast, Hasan Yasar, technical director of Continuous Deployment of Capability at ...
06.22.2021 Is Your Organization Ready for AI? In this SEI Podcast, digital transformation lead Dr. Rachel Dzombak and research scientist Carol Smith, both with the SEI’s Emerging Technology Center at Carnegie Mellon University, discuss how AI Engineering can support organizations to implement AI systems. The conversation covers ...
06.11.2021 My Story in Computing with Marisa Midler In this SEI Podcast, the latest in the My Story in Computing series, Marisa Midler, a cybersecurity engineer in the SEI’s CERT Division, discusses her career path, which included a stint as a bouncer at a Seattle night club, before ...
06.04.2021 Managing Vulnerabilities in Machine Learning and Artificial Intelligence Systems In this podcast, Jonathan Spring, Nathan VanHoudnos, and Allen Householder, all researchers at the Carnegie Mellon University Software Engineering Institute, discuss the management of vulnerabilities in ML systems as well as the Adversarial ML Threat Matrix, which aims to close ...
05.20.2021 AI Workforce Development In this SEI Podcast, Rachel Dzombak and Jay Palat discuss growth in the field of artificial intelligence (AI) and how organizations can hire and train staff to take advantage of the opportunities afforded by AI and machine learning—and the critical ...
05.13.2021 Moving from DevOps to DevSecOps In this SEI podcast, Hasan Yasar, technical director of the Continuous Deployment of Capability group in the Software Solutions Division of the SEI, discusses the transition from DevOps to DevSecOps.
04.29.2021 My Story in Computing with David Zubrow In this SEI Podcast, the latest in the “My Story in Computing” series, which explores the unique paths people take into the field of computing, David Zubrow discusses his path from a PhD in applied history and social sciences and ...
04.23.2021 Mission-Based Prioritization: A New Method for Prioritizing Agile Backlogs In this SEI Podcast, Keith Korzec discusses the Mission-Based Prioritization method for prioritizing Agile backlogs. This method overcomes the shortcomings of prioritization based on “weighted shortest job first” and utilizes objective, mission-focused criteria while allowing ongoing re-prioritization to be conducted ...
04.09.2021 My Story in Computing with Carol Smith Those who work in computing today bring a wide array of backgrounds and experiences to the profession. In this podcast, part of the My Story in Computing series, learn how Carol Smith, who trained as a photojournalist, discusses how a ...
03.16.2021 Digital Engineering and DevSecOps Digital engineering is an integrated digital approach that uses authoritative sources of systems data and models as a continuum across disciplines to support lifecycle activities from concept through disposal. In this SEI Podcast, David Shepard, a software developer with the ...
03.09.2021 A 10-Step Framework for Managing Risk Brett Tucker, technical manager for cyber risk in the SEI CERT Division, discusses the Operationally Critical Threat, Asset, and Vulnerability Evaluation for the Enterprise (OCTAVE FORTE) Model, which helps organizations evaluate security risks and use principles of enterprise risk management ...
02.23.2021 7 Steps to Engineer Security into Ongoing and Future Container Adoption Efforts If organizations take more steps to address security-related activities now, they will be less likely to encounter security incidents in the future. When it comes to application containers, security is achieved through adopting a series of best practices and guidelines. ...
02.16.2021 Ransomware: Evolution, Rise, and Response In this SEI Podcast, Marisa Midler and Tim Shimeall, network defense analysts within the SEI's CERT Division, discuss the growing problem of ransomware including the rise of ransomware as a service threats. Midler and Shimeall also discuss steps and strategies ...
01.21.2021 VINCE: A Software Vulnerability Coordination Platform To scale communications and increase collaboration between vulnerability reporters, coordinators, and software vendors, the CERT/CC team has created a web-based platform for software vulnerability reporting and coordination, the Vulnerability Information and Coordination Environment (VINCE). Emily Sarneso, the architect of VINCE, ...
01.06.2021 Work From Home: Threats, Vulnerabilities, and Strategies for Protecting Your Network Phil Groce, a senior network defense analyst in the CERT Division of the Carnegie Mellon University Software Engineering Institute, discusses the security implications of this dramatic increase in the number of people in organizations who are working from home, examines ...
12.08.2020 An Introduction to CMMC Assessment Guides The Cybersecurity Maturity Model Certification (CMMC) 1.0 defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, Andrew Hoover and Katie Stewart, architects ...
12.07.2020 The CMMC Level 3 Assessment Guide: A Closer Look The Cybersecurity Maturity Model Certification (CMMC) 1.0 for Defense Industrial Base suppliers defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI podcast, Andrew ...
12.07.2020 The CMMC Level 1 Assessment Guide: A Closer Look The Cybersecurity Maturity Model Certification (CMMC) 1.0 for Defense Industrial Base (DIB) suppliers defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, ...
11.24.2020 Achieving Continuous Authority to Operate (ATO) Authority to Operate (ATO) is a process that certifies a system to operate for a certain period of time by evaluating the risk of the system's security controls. In this podcast, Shane Ficorilli and Hasan Yasar, both with the Carnegie ...
11.09.2020 Challenging the Myth of the 10x Programmer A pervasive belief in software engineering is that some programmers are much, much better than others (the times-10, or 10x, programmer), and that the skills, abilities, and talents of these programmers exert an outsized influence on that organizations’ success or ...
10.27.2020 A Stakeholder-Specific Approach to Vulnerability Management CERT vulnerability researchers Eric Hatleback, Allen Householder, and Dr. Jonathan Spring present an alternative system for vulnerability categorization, Stakeholder-Specific Vulnerability Categorization (SSVC) and also take audience members through a sample scoring vulnerability. SSVC takes the form of decision trees for ...
10.13.2020 Optimizing Process Maturity in CMMC Level 5 The Cybersecurity Maturity Model Certification (CMMC) 1.0 for Defense Industrial Base (DIB) suppliers defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, ...
10.07.2020 Reviewing and Measuring Activities for Effectiveness in CMMC Level 4 When fully implemented, CMMC 1.0 will require all DIB companies to achieve certification at one of the five CMMC levels, which includes both technical security practices and maturity processes. In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of ...
09.30.2020 Situational Awareness for Cybersecurity: Beyond the Network Situational awareness makes it possible to get relevant information from across an organization, to integrate that information, and to disseminate it to help leaders make more informed decisions. In this SEI Podcast, Angela Horneman and Timothy Morrow discuss the importance ...
09.17.2020 Quantum Computing: The Quantum Advantage In this episode, the latest from the SEI Podcast Series, Dr. Jason Larkin, a researcher in the SEI's Emerging Technology Center, discusses the quantum advantage and the challenges of working in the NISQ era. Dr. Larkin also provides a list ...
09.02.2020 CMMC Scoring 101 Andrew Hoover and Katie Stewart, architects of the Cybersecurity Maturity Model Certification (CMMC) 1.0, discuss how assessed Defense Industrial Base organizations are scored according to the model.
08.17.2020 Developing an Effective CMMC Policy The Cybersecurity Maturity Model Certification (CMMC) 1.0 for the Defense Industrial Base (DIB) defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, ...
08.12.2020 Developing an Effective CMMC Policy The Cybersecurity Maturity Model Certification (CMMC) for the Defense Industrial Base (DIB) defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, Andrew ...
08.10.2020 The Future of Cyber: Educating the Cybersecurity Workforce In the latest episode of our Future of Cyber Podcast Series, Bobbie Stempfley, director of the SEI’s CERT Division, interviews Dr. Diana Burley, executive director and chair of the Institute for Information Infrastructure Protection, or I3P, and vice provost for ...
07.30.2020 Documenting Process for CMMC In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of the Cybersecurity Maturity Model Certification (CMMC) 1.0, discuss process documentation, a Level 2 requirement.
07.20.2020 Agile Cybersecurity With the current cyber threat climate, the demand for cybersecurity is growing but existing compliance processes focus on a completed product and do not support incremental delivery. Cybersecurity must be carefully woven into each increment deliver results with sufficient security ...
07.01.2020 CMMC Levels 1-3: Going Beyond NIST SP-171 The Cybersecurity Maturity Model Certification (CMMC) 1.0 defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. In this SEI Podcast, Andrew Hoover and Katie Stewart, architects ...
06.15.2020 The Future of Cyber: Secure Coding In this episode of the Future of Cyber, Bobbie Stempfley, director of the CERT Division of the SEI, explores the future of secure coding with Steve Lipner, the executive director of SAFECode and former director of software security at Microsoft, ...
05.28.2020 Challenges to Implementing DevOps in Highly Regulated Environments In this SEI podcast, Hasan Yasar and Jose Morales discuss challenges to implementing DevOps in highly regulated environments (HREs), exploring issues such as environment parity, the approval process, and compliance. This podcast is the second to explore DevOps in HREs.
05.07.2020 The Future of Cyber: Cybercrime The Future of Cyber Podcast Series explores whether we can use the innovations of the past to address the problems of the future. In this SEI Podcast, David Hickton, founding director of the University of Pittsburgh Institute for Cyber Law, ...

Older episodes

Software Engineering Institute (SEI) Podcast Series

What's Software Engineering Institute (SEI) Podcast Series about?

Download our free app to listen on your phone

Software Engineering Institute (SEI) Podcast Series episodes:

Walking Fast Into the Future: Evolvable Technical Reference Frameworks for Mixed-Criticality Systems

Software Engineering for Machine Learning: Characterizing and Understanding Mismatch in ML Systems

A Discussion on Automation with Watts Humphrey Award Winner Rajendra Prasad

Enabling Transition From Sustainment to Engineering Within the DoD

The Silver Thread of Cyber in the Global Supply Chain

Measuring DevSecOps: The Way Forward

Bias in AI: Impact, Challenges, and Opportunities

My Story in Computing with Rachel Dzombak

Agile Strategic Planning: Concepts and Methods for Success

Applying Scientific Methods in Cybersecurity

Zero Trust Adoption: Benefits, Applications, and Resources

Uncertainty Quantification in Machine Learning: Measuring Confidence in Predictions

11 Rules for Ensuring a Security Model with AADL and Bell–LaPadula

Benefits and Challenges of Model-Based Systems Engineering

Fostering Diversity in Software Engineering

Can DevSecOps Make Developers Happier?

Is Your Organization Ready for AI?

My Story in Computing with Marisa Midler

Managing Vulnerabilities in Machine Learning and Artificial Intelligence Systems

AI Workforce Development

Moving from DevOps to DevSecOps

My Story in Computing with David Zubrow

Mission-Based Prioritization: A New Method for Prioritizing Agile Backlogs

My Story in Computing with Carol Smith

Digital Engineering and DevSecOps

A 10-Step Framework for Managing Risk

7 Steps to Engineer Security into Ongoing and Future Container Adoption Efforts

Ransomware: Evolution, Rise, and Response

VINCE: A Software Vulnerability Coordination Platform

Work From Home: Threats, Vulnerabilities, and Strategies for Protecting Your Network

An Introduction to CMMC Assessment Guides

The CMMC Level 3 Assessment Guide: A Closer Look

The CMMC Level 1 Assessment Guide: A Closer Look

Achieving Continuous Authority to Operate (ATO)

Challenging the Myth of the 10x Programmer

A Stakeholder-Specific Approach to Vulnerability Management

Optimizing Process Maturity in CMMC Level 5

Reviewing and Measuring Activities for Effectiveness in CMMC Level 4

Situational Awareness for Cybersecurity: Beyond the Network

Quantum Computing: The Quantum Advantage

CMMC Scoring 101

Developing an Effective CMMC Policy

Developing an Effective CMMC Policy

The Future of Cyber: Educating the Cybersecurity Workforce

Documenting Process for CMMC

Agile Cybersecurity

CMMC Levels 1-3: Going Beyond NIST SP-171

The Future of Cyber: Secure Coding

Challenges to Implementing DevOps in Highly Regulated Environments

The Future of Cyber: Cybercrime

Other shows like Software Engineering Institute (SEI) Podcast Series: