SEI Blog | Cybersecurity Engineering

SEI Blog | Cybersecurity Engineeringhttp://www.sei.cmu.edu/feeds/topic/Updates on changes and additions to the SEI Blog for posts matching Cybersecurity Engineeringen-usFri, 21 Nov 2025 00:00:00 -0500How to Align Security Requirements and Controls to Express System Threatshttps://www.sei.cmu.edu/blog/how-to-align-security-requirements-and-controls-to-express-system-threats/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post presents a method that combines information about security requirements, controls, and capabilities with analysis regarding cyber threats to enable more effective risk-guided system planning.Elias Miller, Matthew SiskFri, 21 Nov 2025 00:00:00 -0500https://www.sei.cmu.edu/blog/how-to-align-security-requirements-and-controls-to-express-system-threats/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesEnhancing Security with Cloud Flow Logshttps://www.sei.cmu.edu/blog/enhancing-security-with-cloud-flow-logs/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe SEI has a history of support for flow log analysis, including its 2025 releases (for Azure or AWS) of open-source scripts to facilitate cloud flow log analysis. This blog explores challenges with correlating events across multiple CSPs.Timothy ShimeallMon, 06 Oct 2025 00:00:00 -0400https://www.sei.cmu.edu/blog/enhancing-security-with-cloud-flow-logs/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesStop Imagining Threats, Start Mitigating Them: A Practical Guide to Threat Modelinghttps://www.sei.cmu.edu/blog/stop-imagining-threats-start-mitigating-them-a-practical-guide-to-threat-modeling/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesWhen building a software-intensive system, a key part in creating a secure and robust solution is to develop a cyber threat model.Alex VeseyThu, 15 May 2025 00:00:00 -0400https://www.sei.cmu.edu/blog/stop-imagining-threats-start-mitigating-them-a-practical-guide-to-threat-modeling/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCyber-Informed Machine Learninghttps://www.sei.cmu.edu/blog/cyber-informed-machine-learning/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post proposes cyber-informed machine learning as a conceptual framework for emphasizing three types of explainability when ML is used for cybersecurity.Jeffrey Mellon, Clarence WorrellMon, 10 Feb 2025 00:00:00 -0500https://www.sei.cmu.edu/blog/cyber-informed-machine-learning/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCybersecurityMachine LearningCybersecurity EngineeringAI Engineering and Machine Learning13 Cybersecurity Predictions for 2025https://www.sei.cmu.edu/blog/13-cybersecurity-predictions-for-2025/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIt’s that time of year when we reflect on the past year and eagerly look forward. This post presents 13 cyber predictions for 2025.Gregory TouhillTue, 21 Jan 2025 00:00:00 -0500https://www.sei.cmu.edu/blog/13-cybersecurity-predictions-for-2025/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAn Introduction to Hardening Docker Imageshttps://www.sei.cmu.edu/blog/an-introduction-to-hardening-docker-images/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThrough our work, we have seen stakeholders encountering difficulty with hardening open source container images for vulnerability mitigation.Maxwell Trdina, Sasank VishnubhatlaMon, 11 Nov 2024 00:00:00 -0500https://www.sei.cmu.edu/blog/an-introduction-to-hardening-docker-images/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesA Framework for Detection in an Era of Rising Deepfakeshttps://www.sei.cmu.edu/blog/a-framework-for-detection-in-an-era-of-rising-deepfakes/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post details the evolving deepfake landscape and introduces a framework for detection.Matt WalshMon, 28 Oct 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/a-framework-for-detection-in-an-era-of-rising-deepfakes/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesEvaluating Static Analysis Alerts with LLMshttps://www.sei.cmu.edu/blog/evaluating-static-analysis-alerts-with-llms/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLLMs show promising initial results in adjudicating static analysis alerts, offering possibilities for better vulnerability detection. This post discusses initial experiments using GPT-4 to evaluate static analysis alerts.William Klieber, Lori FlynnMon, 07 Oct 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/evaluating-static-analysis-alerts-with-llms/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesStatic AnalysisAI Engineering and Machine LearningSecure Coding3 API Security Risks and Recommendations for Mitigationhttps://www.sei.cmu.edu/blog/3-api-security-risks-and-recommendations-for-mitigation/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post presents three top API security risks along with recommendations for mitigating them.McKinley Sconiers-HasanMon, 15 Jul 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/3-api-security-risks-and-recommendations-for-mitigation/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesRedemption: A Prototype for Automated Repair of Static Analysis Alertshttps://www.sei.cmu.edu/blog/redemption-a-prototype-for-automated-repair-of-static-analysis-alerts/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.David SvobodaMon, 10 Jun 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/redemption-a-prototype-for-automated-repair-of-static-analysis-alerts/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecure CodingTestingStatic AnalysisVersioning with Git Tags and Conventional Commitshttps://www.sei.cmu.edu/blog/versioning-with-git-tags-and-conventional-commits/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post explores extending the conventional commit paradigm to enable automatic semantic versioning with git tags to streamline the development and deployment of software.Alex VeseyWed, 29 May 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/versioning-with-git-tags-and-conventional-commits/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAPI Security through Contract-Driven Programminghttps://www.sei.cmu.edu/blog/api-security-through-contract-driven-programming/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post explores contract programming and specifically how that applies to the building, maintenance, and security of APIs.Alex VeseyMon, 18 Mar 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/api-security-through-contract-driven-programming/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesExplainability in Cybersecurity Data Sciencehttps://www.sei.cmu.edu/blog/explainability-in-cybersecurity-data-science/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post provides an overview of explainability in machine learning and includes illustrations of model-to-human and human-to-model explainability.Jeffrey Mellon, Clarence WorrellMon, 20 Nov 2023 00:00:00 -0500https://www.sei.cmu.edu/blog/explainability-in-cybersecurity-data-science/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecure by Design at CERThttps://www.sei.cmu.edu/blog/secure-by-design-at-cert/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe national cybersecurity strategy calls on tech providers to ensure that all their products are secure by design and secure by default. This post highlights the SEI CERT Division's continued and longstanding efforts to ensure security by design in fielded software.Gregory TouhillMon, 09 Oct 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/secure-by-design-at-cert/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates3 Activities for Making Software Secure by Designhttps://www.sei.cmu.edu/blog/3-activities-for-making-software-secure-by-design/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesUnderstanding key principles, roadblocks, and accelerators can shift the secure software development paradigm.Dr. Carol Woody, Robert SchielaTue, 05 Sep 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/3-activities-for-making-software-secure-by-design/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecure DevelopmentCybersecurityUsing Game Theory to Advance the Quest for Autonomous Cyber Threat Huntinghttps://www.sei.cmu.edu/blog/Using-Game-Theory-to-Advance-Cyber-Threat-Hunting/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post describes an effort to apply game theory to the development of algorithms suitable for informing a fully autonomous threat hunting capability and introduces the concept of chain games, a set of games in which threat hunting strategies can be evaluated and refined.Phil GroceMon, 24 Jul 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/Using-Game-Theory-to-Advance-Cyber-Threat-Hunting/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCybersecurity8 Areas of Future Research in Zero Trusthttps://www.sei.cmu.edu/blog/8-areas-of-future-research-in-zero-trust/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe National Cybersecurity Strategy was released on March 1st, 2023 to improve federal cybersecurity through the implementation of a zero trust architecture.Matthew Nicolai, Trista Polaski, Timothy MorrowMon, 24 Apr 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/8-areas-of-future-research-in-zero-trust/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesZero TrustSecurity Analytics: Using SiLK and Mothra to Identify Data Exfiltration via the Domain Name Servicehttps://www.sei.cmu.edu/blog/security-analytics-using-silk-and-mothra-to-identify-data-exfiltration-via-the-domain-name-service/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post explores how the DNS protocol can be abused to exfiltrate data by adding bytes of data onto DNS queries.Timothy ShimeallMon, 03 Apr 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/security-analytics-using-silk-and-mothra-to-identify-data-exfiltration-via-the-domain-name-service/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSOC AnalyticsThe Benefits of Cyber Assessment Traininghttps://www.sei.cmu.edu/blog/the-benefits-of-cyber-assessment-training/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post discusses how cybersecurity assessments can help critical infrastructure organizations improve their cybersecurity with help from free assessment tools developed by the SEI and offered by the U.S. government.Rhonda Brown, Alexander PetrilliMon, 13 Mar 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/the-benefits-of-cyber-assessment-training/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCybersecurity EngineeringCyber Risk and Resilience ManagementCybersecurityCyber Workforce Development5 Best Practices from Industry for Implementing a Zero Trust Architecturehttps://www.sei.cmu.edu/blog/5-best-practices-from-industry-for-implementing-a-zero-trust-architecture/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post presents 5 best practices from industry on implementing a zero trust architecture and discusses why they are significant.Matthew Nicolai, Nathaniel Richmond, Timothy MorrowMon, 06 Mar 2023 00:00:00 -0500https://www.sei.cmu.edu/blog/5-best-practices-from-industry-for-implementing-a-zero-trust-architecture/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesZero Trust