Evaluation of Methods for Managing Secrets for Kubernetes on Microsoft Azure
This report provides guidance to help organizations' evaluation solutions to manage secrets when using Kubernetes on Microsoft Azure.
News
Digital Library
The SEI publishes extensively to connect with and deliver our most recent advancements in software engineering, cyber, artificial intelligence, and acquisition transformation to the software community. We publish our research in elite journals, and we also produce technical reports, white papers, webcasts, and much more—all of which we make available in our digital library. We’ve collected thousands of publications over decades of research that you can download today.
Search the digital library
Technical Papers
Managing Architectural Risk During Agile Development
This report presents Agile Architecture Risk Management and Continuous Risk Management to identify S/W development risks before production and project failure.
Instantiating the Error Model Version 2 (EMV2) Annex
The Error Model Annex, Version 2 (EMV2), notation for architecture fault modeling supports safety, reliability, and security analyses as part of the OSATE toolset.
Applying Causal Learning to Evaluate Large Language Models (LLMs)
This report describes how the SEI applied causal discovery to LLM summarization, exemplifying a way to address bias when evaluating complex new technology.
Independent Assessment of Civilian Cybersecurity Reserve for Department of Defense
This study assesses the feasibility of creating a civilian cybersecurity reserve to provide qualified staffing to address workforce shortages in the DoD.
A Preliminary Report on a Model for Maturing AI Adoption: From Hype to Achieving Repeatable, Predictable Outcomes
This document introduces the key concepts of a model for AI adoption, which will provide organizational leaders with guidance on overcoming the challenges that arise as they try to realize the promise of AI.
Blog Posts
This blog post describes cutting-edge method for creating digital models of the physical world called 3D Gaussian Splatting.
This post highlights recent work by SEI researchers on behalf of the Department of War to assess the feasibility and advisability of a civilian cybersecurity …
This post presents five foundational capabilities to support the acquisition of a system with effective software assurance.
This post highlights the work of SEI researchers who sought to prove that LLMs can be used in unclassified environments to rapidly develop tools that …
Podcasts
Paul Nielsen, the SEI's director and chief executive officer, discusses his legacy, the impact of mentors, and the importance of encouraging scientists and engineers to …
The Pentagon commissioned the SEI to assess the feasibility and advisability of creating a civilian cybersecurity reserve that could harness cyber expertise from the private …
Our latest podcast highlights an AI Adoption Maturity Model that organizations can use to create a roadmap for predictable AI adoption and realization of AI …
This podcast explores updates to the Pointer Ownership Model for C, a modeling framework designed to improve the ability of developers to statically analyze C …
Webcasts
Upcoming
Upcoming Webcast
・
When Performance Isn’t Enough: Ensuring the Safety and Security of AI Systems
Latest webcasts
In this webcast, Justin Novak and Christopher Ian Rodman discuss how AI can be leveraged to build out and enable your security operations center (SOC) …
In this webcast, Brigid O’Hearn, Christina Rhylander, and Julie Cohen provide you with the practical insight you need to develop a Capability Needs Statement (CNS) …
In this webcast, Dr. Carol Woody and Michael Bandor discuss key software assurance activities that must be embedded within the acquisition lifecycle to be effective.
In this webcast, SEI researchers explore the current challenges and emerging solutions for building and sustaining cyber and AI-ready individuals and teams.
Vulnerability Notes
The SEI builds relationships with software vendors and other organizations to coordinate prompt responses to possible risks or threats that arise from software vulnerabilities. Over the years, we have built an extensive vendor network, and we work as a trusted broker to identify, disclose, and mitigate vulnerabilities. As part of this effort, we publish vulnerability notes to keep the community informed and to enable effective and swift mitigation.