sei.cmu

Using Popular LLMs for Static Analysis Alert Adjudication: For the 2025 DoW AI/ML Technical Exchange Meeting

On January 15, 2026, Lori Flynn and Will Klieber presented this session at the Department of War (DoW) Artificial Intelligence/Machine Learning (AI/ML) Technical Exchange Meeting, in the Security and ...
sei.cmu

Modeling Languages for Model-Based Systems Engineering (MBSE)

McGregor, J., and Cohen, S., 2022: Modeling Languages for Model-Based Systems Engineering (MBSE). Carnegie Mellon University, Software Engineering Institute's ...
sei.cmu

The SEI SBOM Framework: Informing Third-Party Software Management in Your Supply Chain

Alberts, C., Bandor, M., Wallen, C., and Woody, C., 2023: The SEI SBOM Framework: Informing Third-Party Software Management in Your Supply Chain. Carnegie Mellon ...
sei.cmu

A Field Study of Technical Debt

Ernst, N., 2015: A Field Study of Technical Debt. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed February 4, 2026, https://www ...
sei.cmu

Insider Threat Awareness Training

This one hour course provides a basic understanding of insider threats within an organization and what employees should be aware of in their responsibilities to protect an organization's critical ...
sei.cmu

How Easy Is It to Make and Detect a Deepfake?

Bernaciak, C., and Ross, D., 2022: How Easy Is It to Make and Detect a Deepfake?. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Probably Don’t Rely on EPSS Yet

Spring, J., 2022: Probably Don’t Rely on EPSS Yet. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed January 22, 2026, https ...
sei.cmu

An Introduction to the Cybersecurity Maturity Model Certification (CMMC)

Stewart, K., and Hoover, A., 2020: An Introduction to the Cybersecurity Maturity Model Certification (CMMC). Carnegie Mellon University, Software Engineering ...
sei.cmu

Insider Threat Test Dataset

The CERT Division, in partnership with ExactData, LLC, and under sponsorship from DARPA I2O, generated a collection of synthetic insider threat test datasets. These datasets provide both synthetic ...
sei.cmu

Architecting the Future of Software Engineering: A National Agenda for Software Engineering Research & Development

Software is vital to our country’s global competitiveness, innovation, and national security. It also ensures our modern standard of living and enables continued advances in defense, infrastructure, ...
sei.cmu

CERT Advisories 1988-2004

NOTE: CERT/CC advisories have become part of the US-CERT National Cyber Awareness System.
sei.cmu

Rust Software Security: A Current State Assessment

Sible, J., and Svoboda, D., 2022: Rust Software Security: A Current State Assessment. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...