Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Tom Scanlon
February 2019 - Podcast 10 Types of Application Security Testing Tools and How to Use Them

Topics: Cyber-Physical Systems, Cybersecurity Engineering, Vulnerability Analysis

Authors: Tom Scanlon

Thomas Scanlon, a researcher in the SEI’s CERT Division, discusses the different types of application security testing tools and provides guidance on how and when to use each tool.

December 2018 - Special Report DoD Developer’s Guidebook for Software Assurance

Topics: Software Assurance

This guidebook helps software developers for DoD programs understand expectations for software assurance and standards and requirements that affect assurance.

August 2018 - White Paper Threat Modeling: A Summary of Available Methods

Topics: Cyber-Physical Systems, Cybersecurity Engineering, Software Assurance, Science of Cybersecurity

This paper discusses twelve threat modeling methods from a variety of sources that target different parts of the development process.