Software Engineering Institute (SEI) Podcast Series

Updating Risk Assessment in the CERT Secure Coding Standard


Listen Later

Bringing a codebase into compliance with the SEI CERT Coding Standards requires a cost of time and effort, namely in the form of a static analysis tool. But those who are familiar with static analysis tools know that the alerts are not always reliable and produce false positives that must be detected and disregarded. This year, we plan on making some exciting updates to the SEI CERT C Coding Standard to better harmonize with the current state of the art for static analysis tools, as well as simplify the process of source code security auditing. This may help users of automated pogram repair tools prioritize security mitigations in code more effectively when using the CERT Secure Coding Standard.  In this podcast from the Carnegie Mellon University Software Engineering Institute, David Svoboda and Joseph Sible, both engineers in CERT’s Applied Systems Group and primary developers and maintainers of the standard, sit down with Robert Schiela, deputy technical director of the Cybersecurity Foundations team in CERT, to discuss the proposed changes, specifically in the area of risk assessment.

...more
View all episodesView all episodes
Download on the App Store

Software Engineering Institute (SEI) Podcast SeriesBy Members of Technical Staff at the Software Engineering Institute

  • 4.5
  • 4.5
  • 4.5
  • 4.5
  • 4.5

4.5

18 ratings


More shows like Software Engineering Institute (SEI) Podcast Series

View all
Global News Podcast by BBC World Service

Global News Podcast

7,804 Listeners

Dan Carlin's Hardcore History by Dan Carlin

Dan Carlin's Hardcore History

63,307 Listeners

Make It Real by CMU Engineering

Make It Real

0 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

628 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,008 Listeners

Pod Save America by Crooked Media

Pod Save America

86,220 Listeners

Hacking Humans by N2K Networks

Hacking Humans

312 Listeners

Post Reports by The Washington Post

Post Reports

5,438 Listeners

SEI Cyber Talks by Members of Technical Staff

SEI Cyber Talks

0 Listeners

Rustacean Station by Rustacean Station

Rustacean Station

62 Listeners