Software Engineering Institute

Hasan Yasar is the technical manager of the Secure Lifecycle Solutions Group in the SEI’s CERT Division. His group focuses on software development processes and methodologies, specifically on DevOps and development, and researches advanced image analysis, cloud technologies, and big data problems. It also provides expertise and guidance to SEI's clients. Yasar has more than 25 years’ experience as senior security engineer, software engineer, software architect, and manager in all phases of secure software development and information modeling processes. He has an extensive knowledge of current software tools and techniques. He is also specializes in secure software solutions design and development in the cybersecurity domain, including data-driven investigation and collaborative incident management, network security assessment, automated, large-scale malware triage/analysis, medical records management, accounting, simulation systems, and document management. He is also an adjunct faculty member in the CMU Heinz College and Institute of Software Research where he currently teaches Software and Security and DevOps: Engineering for Deployment and Operations.

His current areas of professional interest include the following:

• secure software development including threat modeling, risk management framework and software assurance model
• secure DevOps process, methodologies and implementation
• software development methodologies (Agile, Safe, DevOps)
• cloud based application development, deployment and operations
• software architecture, design, develop and management of large-scale enterprise systems

Jose Morales is a researcher with the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. He has conducted research in cybersecurity since 1998 with a current focus on behavior-based malware analysis and detection, suspicion assessment theory and implementation, mobile malware, and malware distribution networks. He has extensive experience in building dynamic analysis systems for executable programs on various platforms. He graduated with a Ph.D. in Computer Science from Florida International University in 2008. Before coming to Carnegie Mellon, he was a post-doctoral research fellow at the Institute for Cyber Security at the University of Texas, San Antonio. He is co-founder and moderator of the Hispanics in Computing email list. He is a Senior Member of the ACM and the IEEE.