Insider Threat Control: Using Centralized Logging to Detect Data Exfiltration Near Insider Termination

This technical note presents an insider threat pattern on how organizations can combat insider theft of intellectual property. The technical note describes how to use the centralized log storage and...

An Acquisition Perspective on Product Evaluation

This technical note focuses on software acquisition and development practices related to the evaluation of products before, during, and after implementation. From engagements with numerous DoD acquisition programs, it has...

Suggestions for Documenting SOA-Based Systems

This report provides suggestions for documenting service-oriented architecture-based systems based on the Views & Beyond (V&B) software documentation approach.

Keynote: Engineering Safety-and Security-Related Requirements for Software-Intensive Systems (ICSE 2010)

Keynote presentation by Donald Firesmith at SESS’10, as part of the 32nd ACM/IEEE International Conference on Software Engineering (ISCE’2010) in Cape Town, South Africa.

Measurement That Works -- Really!

James Wessel focuses on software measurement practices that Army acquisition organizations find useful for software issue identification, tracking, and active control of programs.