Software Engineering Institute | Carnegie Mellon University

Digital Library

Showing 1 - 10 of 12400 results

Special Report | August 2017 | The CERT Guide to Coordinated Vulnerability Disclosure | By Allen D. Householder, Garret Wassermann, Art Manion, Christopher King

This guide provides an introduction to the key concepts, principles, and roles necessary to establish a successful Coordinated Vulnerability Disclosure process. It also provides insights into how CVD can go awry and how to respond when it does so.

Video | September 2017 | SEI Cyber Minute: Cyber Risk Appetite

So what is risk appetite? It is the amount and type of risk that an organization is willing to accept. In other words, risk appetite specifies value ranges for key performance indicators.

Brochure | August 2017 | Summer 2017 Edition of the Secure Coding Newsletter

The CERT Secure Coding Team announces several open positions on its team in secure coding and software assurance.

Video | August 2017 | SEI Cyber Minute: Software Defined World | By Jeff Boleng

We live in a software defined world. More and more of the capability and value we derive from our connected devices is achieved by software.

Video | August 2017 | SEI Cyber Minute: Representing Your Technical Debt | By Ipek Ozkaya

Watch Ipek Ozkaya in this Cyber Minute, as she recommends developers adopt a simple practice of reporting technical debt, including its potential accumulating side effects, as they discover or accrue that debt.

Video | August 2017 | SEI Cyber Minute: Securing Open Source Components

Nearly 2 billion vulnerable components are downloaded annually, and the average application has more than 20 open source vulnerabilities. Mark Sherman recommends the SPDO approach to secure open source components to diminish the risk and the impact.

White Paper | June 2017 | The Hard Choices Game Explained | By Nanette Brown, Philippe Kruchten, Erin Lim, Robert Nord, Ipek Ozkaya

The Hard Choices game is a simulation of the software development cycle meant to communicate the concepts of uncertainty, risk, and technical debt.

Podcast | August 2017 | The CERT Software Assurance Framework | By Carol Woody - PhD, Christopher J. Alberts

In this podcast, Carol Woody and Christopher Alberts introduce the prototype Software Assurance Framework, a collection of cybersecurity practices that programs can apply across the acquisition lifecycle and supply chain.

Webinar | August 2017 | The Evolving Role of the Chief Risk Officer | By Summer C. Fowler, Greg Porter (Heinz College at Carnegie Mellon University)

In this webinar we discussed the challenges facing the CRO role and how CMU's new CRO program can help you address those challenges.

Presentation | May 2017 | Django & Twitter Bootstrap in the Workplace: Build 'em Fast ... | By Eliezer Kanal

In this talk, I'll discuss how I used the Django web framework, in conjunction with Twitter Bootstrap, to quickly build complex business applications.