Evaluation of Methods for Managing Secrets for Kubernetes on Microsoft Azure
This report provides guidance to help organizations' evaluation solutions to manage secrets when using Kubernetes on Microsoft Azure.
-
Home
- Publications and Media
Publications and Media
News
Digital Library
The SEI publishes extensively to connect with and deliver our most recent advancements in software engineering, cyber, artificial intelligence, and acquisition transformation to the software community. We publish our research in elite journals, and we also produce technical reports, white papers, webcasts, and much more—all of which we make available in our digital library. We’ve collected thousands of publications over decades of research that you can download today.
Search the digital library
Technical Papers
Managing Architectural Risk During Agile Development
This report presents Agile Architecture Risk Management and Continuous Risk Management to identify S/W development risks before production and project failure.
Instantiating the Error Model Version 2 (EMV2) Annex
The Error Model Annex, Version 2 (EMV2), notation for architecture fault modeling supports safety, reliability, and security analyses as part of the OSATE toolset.
Applying Causal Learning to Evaluate Large Language Models (LLMs)
This report describes how the SEI applied causal discovery to LLM summarization, exemplifying a way to address bias when evaluating complex new technology.
Independent Assessment of Civilian Cybersecurity Reserve for Department of Defense
This study assesses the feasibility of creating a civilian cybersecurity reserve to provide qualified staffing to address workforce shortages in the DoD.
A Preliminary Report on a Model for Maturing AI Adoption: From Hype to Achieving Repeatable, Predictable Outcomes
Introduces concepts of a model for AI adoption, guiding organizational leaders on overcoming the challenges that arise as they try to realize the promise of AI.
Blog Posts
By weighing the tradeoffs between design pattern attributes and quality attributes, software developers can identify architectural risks early and assess the system impacts of design …
To help teams meet the need for rigorous evaluation methods, researchers in SEI’s AI Division developed a library built on best practices for LLM evaluation …
This post explores data poisoning, which occurs when training data is modified to influence the performance of a model, and proposes cryptographic chain of custody …
Our post highlights the use of data analytics as a force multiplier for cyber resilience as well as best practices to help organizations gain situational …
Podcasts
This podcast explores CERT UEFI Parser, a new, open source tool that uses program analysis to reveal the architecture of UEFI software, and explore this …
Paul Nielsen, the SEI's director and chief executive officer, discusses his legacy, the impact of mentors, and the importance of encouraging scientists and engineers to …
Marie Baker, Chris May, and Mike Winter discuss findings from a Pentagon-commissioned study assessing the feasibility of a civilian cybersecurity reserve.
Our latest podcast highlights an AI Adoption Maturity Model that organizations can use to create a roadmap for predictable AI adoption and realization of AI …
Webcasts
Latest webcasts
In this webcast, SEI researchers discuss observations and lessons from their application of AI-native software engineering and the study of its use across multiple projects.
In this webcast, SEI researchers discuss the why, what, and how behind metrics that will enable your team to move from “just collecting data” to …
In this webcast, SEI researchers explain how System Theoretic Process Analysis helps organizations build stronger assurances about the safety and security of complex systems, including …
In this webcast, Justin Novak and Christopher Ian Rodman discuss how AI can be leveraged to build out and enable your security operations center (SOC) …
Vulnerability Notes
The SEI builds relationships with software vendors and other organizations to coordinate prompt responses to possible risks or threats that arise from software vulnerabilities. Over the years, we have built an extensive vendor network, and we work as a trusted broker to identify, disclose, and mitigate vulnerabilities. As part of this effort, we publish vulnerability notes to keep the community informed and to enable effective and swift mitigation.