In this webcast, Joseph Yankel, Vaughn Coates, and David Shepard discuss how right-sizing DevSecOps restores velocity and reliability. Many organizations practicing DevSecOps have collapsed under the ...

Software based on the Unified Extensible Firmware Interface (UEFI) standard makes up the firmware of most modern desktop computers and servers. This software is largely invisible to users, critical to ...

Dempsey, C., and Hugues, J., 2025: A Model-Based Approach for Software Acquisition. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...

Tobar, D., Jamieson, J., Priest, M., and Fricke, J., 2025: 7 Recommendations to Improve SBOM Quality. Carnegie Mellon University, Software Engineering Institute's ...

Software is a growing component of modern business- and mission-critical systems. As a result, software assurance is becoming increasingly important to organizations across all sectors. A key aspect ...

DeCapria, D., 2024: Introduction to MLOps: Bridging Machine Learning and Operations. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...

This report describes 11 common vulnerabilities and 3 risks related to application programming interfaces, providing suggestions about how to fix or reduce their impact. Application programming ...

Schmidt, D., and Robert, J., 2024: Applying Large Language Models to DoD Software Acquisition: An Initial Experiment. Carnegie Mellon University, Software Engineering ...

Yankel, J., 2024: Example Case: Using DevSecOps to Redefine Minimum Viable Product. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...

Shannon Gallagher discusses findings and recommendations from the Mayflower Project and provides additional background information about LLMs and how they can be engineered for national security use.

Ruefle, R., 2024: 10 Lessons in Security Operations and Incident Management. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed ...