Software based on the Unified Extensible Firmware Interface (UEFI) standard makes up the firmware of most modern desktop computers and servers. This software is largely invisible to users, critical to ...

This presentation on insider threats in the SDLC was delivered by Dawn Cappelli, Andrew P. Moore, and Randy Trzeciak of the Software Engineering Institute's CERT Program in 2006.

This newsletter compiles the latest SEI releases and news about the CERT UEFI Parser for inspecting firmware, webcasts on right-sized DevSecOps and on the Software Acquisition Pathway, SEI appearances ...

Dormann, W., 2016: The Risks of Google Sign-In on iOS Devices. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed January 14, 2026 ...

Mehravari, N., and Allen, J., 2016: Structuring the Chief Information Security Officer (CISO) Organization. Carnegie Mellon University, Software Engineering Institute ...

This contact form is for general questions and requests for contact. Do not use this contact form to send sensitive information. Please review the guidelines for sending sensitive information. If you ...

In this webcast, Joseph Yankel, Vaughn Coates, and David Shepard discuss how right-sizing DevSecOps restores velocity and reliability.

Spring, J., 2022: Probably Don’t Rely on EPSS Yet. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed January 14, 2026, https ...

Bernaciak, C., and Ross, D., 2022: How Easy Is It to Make and Detect a Deepfake?. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...

Sible, J., and Svoboda, D., 2022: Rust Software Security: A Current State Assessment. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...