Get to know precision machining suppliers! Speaking of Suppliers is a brand new podcast where PMPA Technical Members are interviewed by PMPA Staff and share who they are, what they do and how they help the precision machining industry.
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Software Engineering Institute (SEI) Podcast Series
Members of Technical Staff at the Software Engineering Institute
The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.
…
continue reading
Each webinar features an SEI researcher discussing their research on software and cybersecurity problems of considerable complexity. The webinar series is a way for the SEI to accomplish its core purpose of improving the state-of-the-art in software engineering and cybersecurity and transitioning this work to the community. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI Webinar Seri ...
…
continue reading
Discussions with SEI researchers about cyber-related topics of interest
…
continue reading
We are a team of 30+ highly skilled SEO professionals and web designers, all hand trained in my Standard Operating Procedures. All of the Rank Fortress Staff came to me needing to learn how to do SEO, and I have taught them everything required to rank a site or GMB listing. When I first started my Agency, it was just two vas, and over the past year, we quickly grew our agency to where it is now. With a specialized staff, each staff member has specific tasks they are responsible for. For exam ...
…
continue reading
In these short videos, experts from the Software Engineering Institute (SEI) deliver informative snapshots of our latest research on the changing world of all things cyber. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University.
…
continue reading
Fine. I'll do a podcast on corporate IT, tech in general, business, the AI Meltdown, and any other topic I find interesting (movies, tacos). This isn't some dry tech podcast for nerds only (nerds welcome), this is a banter-forward, why-so-serious pod that won't hesitate to take detours and try to entertain. But we'll also make serious points about how IT at growing businesses can be great, efficient, secure, strategic, automated, and even friendly (WHAT?!). Bring your sense of humor - life i ...
…
continue reading
Welcome to Flat and Thru with Liv Green and Leslie Smith! We are diving into all things Field Hockey. In this podcast, we will be talking to coaches and recent graduates of all divisions and conferences, support staff, former club coaches and overall “hockey heads” about an array of topics that cover situations beyond the technical and tactical parts of the game. We are going to explore topics such as differences in collegiate divisions, daily life as a SA, mental health, physical training, ...
…
continue reading
![Artwork](/static/images/128pixel.png)
1
An Introduction to Capability-Based Planning
33:55
33:55
Play later
Play later
Lists
Like
Liked
33:55
Capability-Based Planning (CBP) defines a framework that has an all-encompassing view of existing abilities and future needs for strategically deciding what is needed and how to effectively achieve it. Both business and government acquisition domains use CBP for financial success or to design a well-balanced defense system. The definitions understa…
…
continue reading
We discuss three stories ripped from today's headlines that cover the forces of evil conspiring to ruin remote work for all of us including North Korea, The Evil HR Lady, Mouse Jigglers and yes, Wells Fargo. And we agree that Mouse Jigglers would be a good name for a band.By David Wheat, alt-CIO Consulting
…
continue reading
CMMC compliance is not just IT- it has broad Operational component as well. Listen as Lawrence Cruciana and Miles Free explore how this process will impact and change your practices across your shop. For More Information visit www.pmpa.org/podcastsBy PMPA
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Safeguarding Against Recent Vulnerabilities Related to Rust
26:25
26:25
Play later
Play later
Lists
Like
Liked
26:25
What can the recently discovered vulnerabilities related to Rust tell us about the security of the language? In this podcast from the Carnegie Mellon University Software Engineering Institute, David Svoboda discusses two vulnerabilities, their sources, and how to mitigate them.
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Generative AI and Software Engineering Education
1:02:05
1:02:05
Play later
Play later
Lists
Like
Liked
1:02:05
Within a very short amount of time, the productivity and creativity improvements envisioned by generative artificial intelligence (AI), such as using tools based on large language models (LLMs), have taken the software engineering community by storm. The industry is in a race to develop your next best software development tool. Organizations are pe…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Developing a Global Network of Computer Security Incident Response Teams (CSIRTs)
30:51
30:51
Play later
Play later
Lists
Like
Liked
30:51
Cybersecurity risks aren’t just a national concern. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), the CERT division’s Tracy Bills, senior cybersecurity operations researcher and team lead, and James Lord, security operations technical manager, discuss the SEI’s work developing Computer Security Incident R…
…
continue reading
Traditionally, cybersecurity has focused on finding and removing vulnerabilities. This is like driving backward down the highway using your rearview mirror. Most breaches are due to defects in design or code; thus, the only way to truly address the issue is to design and build more secure solutions. In this webcast, Tim Chick discusses how security…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Can You Rely on Your AI? Applying the AIR Tool to Improve Classifier Performance
38:50
38:50
Play later
Play later
Lists
Like
Liked
38:50
Modern analytic methods, including artificial intelligence (AI) and machine learning (ML) classifiers, depend on correlations; however, such approaches fail to account for confounding in the data, which prevents accurate modeling of cause and effect and often leads to prediction bias. The Software Engineering Institute (SEI) has developed a new AI …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Automated Repair of Static Analysis Alerts
27:05
27:05
Play later
Play later
Lists
Like
Liked
27:05
Developers know that static analysis helps make code more secure. However, static analysis tools often produce a large number of false positives, hindering their usefulness. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Svoboda, a software security engineer in the SEI’s CERT Division, discusses Rede…
…
continue reading
Not all paths to cybersecurity careers look the same. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Randy Trzeciak, deputy director of cyber risk and resilience in the SEI’s CERT division, discusses his career journey, resources for pursuing a career in cybersecurity, and the importance of building a dive…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
IT Smart Peeps Panel - What Makes a Great I.T. Staff Member?
47:31
47:31
Play later
Play later
Lists
Like
Liked
47:31
We welcome a panel of IT deep thinkers to discuss the attributes that make for great IT staff. Darrick and David are joined by Tejal Patel and Keven Pennock to share our experiences with what the very best IT staff we've ever worked with have in common. And in the final segment, we have fun trimming our list down to our Final Five. Along the way we…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Using a Scenario to Reason About Implementing a Zero Trust Strategy
1:02:22
1:02:22
Play later
Play later
Lists
Like
Liked
1:02:22
There is a lot of documentation about a zero trust architecture, as well as directives that it be used for U.S. federal agencies and the Department of Defense (DoD), but little information on how to go about implementing it to improve an organization’s enterprise or DoD weapon system security. Use cases typically describe requirements for these sys…
…
continue reading
Sam Procter started out studying computer science at the University of Nebraska, but he didn’t love it. It wasn’t until he took his first software engineering course that he knew he’d found his career path. In this podcast from the Carnegie Mellon University Software Engineering Institute, Sam Procter discusses the early influences that shaped his …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Technical Debt & A Perfect Remote Work Coffee Shop
28:57
28:57
Play later
Play later
Lists
Like
Liked
28:57
What makes a coffee shop perfect for remote work? We have a rating system. And we add a little bathroom talk in the banter segment. In The Big Idea segment, we discuss a very important IT concept called Technical Debt. It's bad, like a car that burns oil so badly you have to add oil while you drive (true story).…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Developing and Using a Software Bill of Materials Framework
37:37
37:37
Play later
Play later
Lists
Like
Liked
37:37
With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Snack Size: Dell says "No promotion for you!"
14:12
14:12
Play later
Play later
Lists
Like
Liked
14:12
Hoo boy, the Return to Office wars have just gotten silly. And dark. Dell just announced they're going to start discriminating against their own employees who work not-near a Dell office. That's right, remote workers are no longer eligible for promotions at Dell. So, we play the game "what if we replaced 'remote workers' with another group of peopl…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
The Importance of Diversity in Cybersecurity: Carol Ware
26:37
26:37
Play later
Play later
Lists
Like
Liked
26:37
In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Ware, a senior cybersecurity engineer in the SEI’s CERT Division, discusses her career path, the value of mentorship, and the importance of diversity in cybersecurity.By Carol Ware
…
continue reading
![Artwork](/static/images/128pixel.png)
1
The Importance of Diversity in Software Engineering: Suzanne Miller
29:02
29:02
Play later
Play later
Lists
Like
Liked
29:02
In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Suzanne Miller, a principal researcher in the SEI’s Software Solutions Division, discusses her career path, the value of mentorship, and the importance of diversity in software engineering.By Suzanne Miller
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Snack Size: #badIT The Online Appointment Head Fake
15:19
15:19
Play later
Play later
Lists
Like
Liked
15:19
In this Snack Size episode, I book an online service appointment for my car only to end up wondering "Do I or Don't I Actually Have an Appointment?" In a tale of woe - spoiler alert - I did not, thanks to some #badIT at my local dealership. That was bad enough, but they doubled down on some awful follow up to my mild-but-not-five-star review to ans…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
The Importance of Diversity in Artificial Intelligence: Violet Turri
16:57
16:57
Play later
Play later
Lists
Like
Liked
16:57
Across the globe, women account for less than 30 percent of professionals in technical fields. That number drops to 22 percent in the field of Artificial Intelligence (AI). In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Violet Turri, a software developer in the SEI’s AI Division, discusses the evolution of…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Magical Gas Stations & The Beauty of Agile
41:46
41:46
Play later
Play later
Lists
Like
Liked
41:46
Darrick stans a magical gas station chain to a semi-skeptical David. But they both agree on the magic of the Agile methodology for code development, ERP projects, your next cross-country trip, and maybe even your marriage.By David Wheat, alt-CIO Consulting
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Using Large Language Models in the National Security Realm
34:45
34:45
Play later
Play later
Lists
Like
Liked
34:45
At the request of the White House, the Office of the Director of National Intelligence (ODNI) began exploring use cases for large language models (LLMs) within the Intelligence Community (IC). As part of this effort, ODNI sponsored the Mayflower Project at Carnegie Mellon University’s Software Engineering Institute (SEI) from May 2023 through Septe…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Atypical Applications of Agile and DevSecOps Principles
33:41
33:41
Play later
Play later
Lists
Like
Liked
33:41
Modern software engineering practices of Agile and DevSecOps have provided a foundation for producing working software products faster and more reliably than ever before. Far too often, however, these practices do not address the non-software concerns of business mission and capability delivery even though these concerns are critical to the success…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
#badIT: The UK Post Office Scandal, with CNN's Anna Cooban
47:45
47:45
Play later
Play later
Lists
Like
Liked
47:45
Thousands fired from their jobs and forced into financial ruin or bankruptcy. Ostracized from their families and communities as thieves and cheats. Hundreds falsely accused, prosecuted, and sent to prison. Several died of suicide. An ordeal lasting decades. 𝘼𝙣𝙙 𝙩𝙝𝙚𝙮 𝙬𝙚𝙧𝙚 𝙖𝙡𝙡 𝙘𝙤𝙢𝙥𝙡𝙚𝙩𝙚𝙡𝙮 𝙞𝙣𝙣𝙤𝙘𝙚𝙣𝙩. The cause? The worst #badIT story you’ll ever hear. C…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Ask Us Anything: Supply Chain Risk Management
41:11
41:11
Play later
Play later
Lists
Like
Liked
41:11
According to the Verizon Data Breach Report, Log4j-related exploits have occurred less frequently over the past year. However, this Common Vulnerabilities and Exposures (CVE) flaw was originally documented in 2021. The threat still exists despite increased awareness. Over the past few years, the Software Engineering Institute (SEI) has developed gu…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
When Agile and Earned Value Management Collide: 7 Considerations for Successful Interaction
35:21
35:21
Play later
Play later
Lists
Like
Liked
35:21
Increasingly in government acquisition of software-intensive systems, we are seeing programs using Agile development methodology and earned value management. While there are many benefits to using both Agile and EVM, there are important considerations that software program managers must first address. In this podcast, Patrick Place, a senior engine…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
IT Rules The Future + CSI(T): The Mystery of The Impossible Job Title
27:28
27:28
Play later
Play later
Lists
Like
Liked
27:28
In IT in Popular Culture we talk about a TV show where the IT rules the dystopian future (finally!) Plus how we're not fond of dudes getting their swole on and posting sweaty photos on LinkedIn. In our new CSI(T) segment, we put on our detective hats to inspect a job posting that merges two completely different IT skillsets into a single job and at…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
The Future of Software Engineering and Acquisition with Generative AI
1:32:10
1:32:10
Play later
Play later
Lists
Like
Liked
1:32:10
We stand at a pivotal moment in software engineering, with artificial intelligence (AI) playing a crucial role in driving approaches poised to enhance software acquisition, analysis, verification, and automation. While generative AI tools initially sparked excitement for their potential to reduce errors, scale changes effortlessly, and drive innova…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
The Impact of Architecture on Cyber-Physical Systems Safety
34:05
34:05
Play later
Play later
Lists
Like
Liked
34:05
As developers continue to build greater autonomy into cyber-physical systems (CPSs), such as unmanned aerial vehicles (UAVs) and automobiles, these systems aggregate data from an increasing number of sensors. However, more sensors not only create more data and more precise data, but they require a complex architecture to correctly transfer and proc…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Snack Size Episode: Murky ERP Pricing Practices
14:12
14:12
Play later
Play later
Lists
Like
Liked
14:12
Everybody loves surprises. Surprise birthday parties, unexpected bonuses, people hiding under your bed and grabbing your leg.. Wait, maybe some surprises that aren't so nice. In this Snack Size (shorter) episode, we discuss opaque pricing by some large software companies, including the hidden calculator keeping track of whether you've racked up eno…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
ChatGPT and the Evolution of Large Language Models: A Deep Dive into 4 Transformative Case Studies
46:22
46:22
Play later
Play later
Lists
Like
Liked
46:22
To better understand the potential uses of large language models (LLMs) and their impact, a team of researchers at the Carnegie Mellon University Software Engineering Institute CERT Division conducted four in-depth case studies. The case studies span multiple domains and call for vastly different capabilities. In this podcast, Matthew Walsh, a seni…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
The Formula for Great IT Service + DC Travel Tips!
40:36
40:36
Play later
Play later
Lists
Like
Liked
40:36
In the opening banter segment, we question whether we should trust Spotify's AI DJ so much and give our Washington DC travel tips. Darrick focuses on history and culture, while David just wants to find something to eat. We have fun pronouncing "L'Enfant" in French, because we're apparently "L'Children". In The Big Idea segment, we share our formula…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
The Cybersecurity of Quantum Computing: 6 Areas of Research
23:01
23:01
Play later
Play later
Lists
Like
Liked
23:01
Research and development of quantum computers continues to grow at a rapid pace. The U.S. government alone spent more than $800 million on quantum information science research in 2022. Thomas Scanlon, who leads the data science group in the SEI CERT Division, was recently invited to be a participant in the Workshop on Cybersecurity of Quantum Compu…
…
continue reading
Far too often software programs continue to collect metrics for no other reason than that is how it has always been done. This leads to situations where, for any given environment, a metrics program is defined by a list of metrics that must be collected. A top-down, deterministic specification of graphs or other depictions of data required by the m…
…
continue reading