Cover image of Software Engineering Institute (SEI) Webcast Series
(1)
Technology

Software Engineering Institute (SEI) Webcast Series

Updated 7 days ago

Technology
Read more

Each webinar features an SEI researcher discussing their research on software and cybersecurity problems of considerable complexity. The webinar series is a way for the SEI to accomplish its core purpose of improving the state-of-the-art in software engineering and cybersecurity and transitioning this work to the community. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI Webinar Series is produced by SEI Communications Outreach.

Read more

Each webinar features an SEI researcher discussing their research on software and cybersecurity problems of considerable complexity. The webinar series is a way for the SEI to accomplish its core purpose of improving the state-of-the-art in software engineering and cybersecurity and transitioning this work to the community. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI Webinar Series is produced by SEI Communications Outreach.

iTunes Ratings

1 Ratings
Average Ratings
1
0
0
0
0

iTunes Ratings

1 Ratings
Average Ratings
1
0
0
0
0
Cover image of Software Engineering Institute (SEI) Webcast Series

Software Engineering Institute (SEI) Webcast Series

Latest release on Sep 16, 2020

The Best Episodes Ranked Using User Listens

Updated by OwlTail 7 days ago

Rank #1: Three Software Innovations that DoD Needs Now

Podcast cover
Read more

Watch Jeff Boleng, Robert Schiela, Samuel Procter, Lena Pons, and Nathan VanHoudnos discuss "Three Software Innovations that DoD Needs Now".

Mar 09 2018

1hr 2mins

Play

Rank #2: Agile and DevOps: Your Questions. Our Answers.

Podcast cover
Read more

Watch this lively discussion in which we answered attendee questions on all things Agile and DevOps.

Mar 02 2018

36mins

Play

Rank #3: Weaving a Fabric of Trust: Ensured Security, Privacy, Resilience, and Accountability

Podcast cover
Read more

During this webinar, Dr. Shannon examined the questions, science, and technology that builds trust with customers, other organizations, and society to ensure their security and privacy, and our own resilience and accountability.

Nov 28 2017

1hr 6mins

Play

Rank #4: Is Software Spoiling Us?

Podcast cover
Read more

Have software's repeated successes, and the assumption that they will continue endlessly, discounted perceptions of its importance among leadership in civilian government, national defense, and national security organizations?

Nov 20 2017

1hr

Play

Rank #5: Four Valuable Data Sources for Network Security Analytics

Podcast cover
Read more

This webinar focused on the development and application of combined data analytics and offered several examples of analytics that combine domain resolution data, network device inventory and configuration data, and intrusion detection.

Oct 05 2017

46mins

Play

Rank #6: Three Secrets to Successful Agile Metrics

Podcast cover
Read more

Watch this webcast to gain insights into effective metrics programs in government settings.

Sep 11 2017

1hr 24mins

Play

Rank #7: Five Keys to Effective Agile Test Automation for Government Programs

Podcast cover
Read more

In this discussion-focused webinar, Bob Binder and SuZ Miller will discuss 5 key questions that government organizations contemplating embarking on adopting automated test techniques and tools in an Agile environment are likely to have.

Aug 25 2017

1hr 29mins

Play

Rank #8: Practical Considerations in Adopting Agile-Lean in Government Settings

Podcast cover
Read more

This webinar summarizes much of what the SEI has learned in its eight years of researching and facilitating adoption of Agile and Lean methods in software-reliant systems in government.

Jul 05 2017

1hr 1min

Play

Rank #9: 5 Things You Need to Know About Leading a Successful Large IT Modernization Project

Podcast cover
Read more

In this webinar, we discuss topics to consider when planning a large modernization project and share mitigation strategies for executing the modernization effort.

Mar 06 2017

59mins

Play

Rank #10: Secure Coding Best Practices

Podcast cover
Read more

Learn why secure coding practices are important to reduce common programming errors that lead to vulnerabilities.

Aug 01 2016

31mins

Play

Rank #11: Security Requirements Engineering

Podcast cover
Read more

Learn the importance of developing security requirements in the same time frame as functional requirements.

Aug 01 2016

36mins

Play

Rank #12: Secure Software Development Landscape

Podcast cover
Read more

Last summer's Wired article describing vulnerabilities in the Jeep shows that software is being created and deployed with exploitable, yet avoidable, security flaws. So far, the automotive attacks have been largely demonstrations. However, successful cyber-attacks have been carried out on steel furnaces in Germany and the electrical grid in Ukraine. Insecurely written software in cyber-physical systems places people and property in jeopardy. Fortunately, there are many techniques available to those building software for cyber physical systems that can greatly reduce their vulnerability. This talk starts with an in-depth review of the Jeep scenario. It then examines how security can be introduced throughout the software development lifecycle to blunt such vulnerabilities.

Jul 30 2016

45mins

Play

Rank #13: What Makes a Good Software Architect?

Podcast cover
Read more
For two decades, the SEI has been instrumental in the creation and development of the field of software engineering known as software architecture. An architect whose skills and capabilities match a project's needs is more likely to be successful. So what are those skills? In this webinar, SEI researchers and an industry colleague discussed in two talks What Makes a Good Software Architect? John Klein and Andrew Kotov on Skills and Knowledge of Successful Architects Ipek Ozkaya and Michael Keeling on Architects Design Trade-off Toolbox: Balancing Agility and Technical Debt What viewers will learn: How the technical skills needed by a software architect change throughout a system's lifecycle and how this influences the architect's success How architects should be the champions of product quality while making the right (and timely) design trade-offs

Jun 02 2016

1hr 29mins

Play

Rank #14: A Taxonomy of Testing Types

Podcast cover
Read more
A surprisingly large number of different types of testing exist and are used during the development and operation of software-reliant systems. We have identified nearly 200 of these general types of testing and there are many additional types that are application-domain specific. While most testers, test managers, and other testing stakeholders are quite knowledgeable about a relatively small number of testing types, many people know very little about most of them and are unaware that others even exist. One way to understand so many types of testing is to classify them into a taxonomy that groups similar testing types together. One way to organize them is by the types of questions they answer. Specifically, types of testing can be categorized by the five Ws and two Hs: what, when, why, who, where, how, and how well. Understanding these different types of testing is important because different types of testing tend to uncover different types of defects and multiple testing types are needed to achieve sufficiently low levels of residual defects. Whereas not all of these testing types are relevant on all projects, a complete taxonomy can be very used to help discover the ones that are appropriate and ensure than no relevant type of testing is accidentally overlooked. Such a taxonomy can also be useful as a way to organize and prioritize one's study of testing. This tutorial introduces the attendee to our taxonomy of testing types, thereby clarifying the grand scope of testing and enabling the attendee to better select the appropriate types of testing to for their specific needs.

Jan 28 2016

1hr 3mins

Play

Rank #15: Cyber-Vulnerabilities in Aviation Today

Podcast cover
Read more

SEI Chief Operating Officer, Robert F. Behler discusses Cyber-Vulnerabilities in Aviation Today.

Dec 16 2015

28mins

Play

Rank #16: Web Traffic Analysis with CERT Tapioca

Podcast cover
Read more

Will Dormann discusses a tool that shows whether a connection to the web is secure and what information is being transmitted.

Dec 16 2015

46mins

Play

Rank #17: Generalized Automated Cyber-Readiness Evaluator (ACE)

Podcast cover
Read more

Rotem Guttman discusses how mission-readiness can be assessed at a DoD scale.

Dec 16 2015

39mins

Play

Rank #18: Culture Shock: Unlocking DevOps with Collaboration and Communication

Podcast cover
Read more
About the Webinar DevOps is all about delivering business value as rapidly as possible. Embracing its philosophies goes beyond implementing automation and tooling to speed software development and delivery. DevOps is a culture of communication and collaboration. For many of us, shifting to this new culture can create organizational "culture shock," or discomfort by those suddenly subjected to an unfamiliar culture, way of life, or set of attitudes. DevOps is not something you purchase or have implemented by a DevOps Engineer. Instead, a shared vision and common goals across teams and team members are critical to making a successful culture transformation. Join us for a discussion about ways to shift organizational culture to achieve DevOps. We will highlight communication tools and movements, such as ChatOps. DevOps is all about teams working together to continually improve their processes and achieve their shared business goals. With cross-functional teams, documentation must be in place. We will discuss strategies for curating information repositories that fit how a team works. Also, project and team management are core components of ensuring that team members are able to work efficiently and don’t get lost in meetings and context switching. Automated tools further enhance communication by exposing project data to everyone.

Aug 27 2015

1hr 2mins

Play

Rank #19: Advancing Cyber Intelligence Practices Through the SEI's Consortium

Podcast cover
Read more

Sound cyber intelligence practices can help organizations prevent or mitigate major security breaches. For several years, researchers at the SEI have been examining methodologies, processes, technology, and training to help organizations understand what it means to perform the work of cyber intelligence. To spur further development and advance understanding in this important area, the SEI launched the Cyber Intelligence Research Consortium, aimed at helping organizations make better judgments and quicker decisions related to cyber intelligence. The consortium's membership consists of practitioners and decision makers from multiple sectors, including government, energy, banking, defense contracting, and academia. At this webinar SEI practitioners will provide a detailed overview of the consortium's work during this inaugural year. Efforts for this year include how-to guides for navigating key analytical practices and technologies, tradecraft labs, and an in-person crisis simulation event. Webinar participants will also receive a guide for evaluating intelligence they can use in their own organizations.

Feb 20 2015

1hr

Play

Rank #20: Lessons in External Dependency and Supply Chain Risk Management

Podcast cover
Read more
In this webinar, John Haller and Matthew Butkovic of the CERT Division of the Software Engineering Institute will discuss real-world incidents, including recent industrial control system attacks and incidents affecting Department of Defense capabilities, and the lessons that organizations should take away. The session will focus on the lifecycle of supply chain relationships and introduce concepts to help organizations manage them more effectively. Managing the risks of depending on external entities and supply chains to support critical services has increasingly become an area of concern for both the federal government and private critical infrastructure organizations. External dependencies may consist of business partners that your organization relies on, cloud services such as data processing, or storage facilities. Or these dependencies may take the form of reliance on public infrastructure such as transportation or the electrical grid. The webinar speakers, John and Matthew, will discuss the HAVEX malware attacks on industrial control system vendors, which were reported to the security community in June 2014. For supply chain risk management, a key lesson from the HAVEX case is the importance of having a process to identify and prioritize external dependencies. The speakers will also explore and discuss methods for addressing this problem in a realistic, reliable way. Also covered in the webinar are the lessons for third-party risk management that organizations should take away from recent attacks on DoD-affiliated transportation contractors. The speakers will explain how to correctly scope and build security programs around key, organizationally critical services. The speakers will discuss how your organization can learn from these incidents, including best practices around forming relationships with external entities and managing the relationship over time to support your organization's incident management and situational awareness processes. The webinar closes with a recap of key supply chain risk management capabilities and an update to CERT research into the state of these capabilities across U.S. critical infrastructure sectors.

Jan 05 2015

1hr 27mins

Play