Best Defense Acquisition University Podcasts (2024)

1
Generative AI and Software Engineering Education 1:02:05

14d ago1:02:05

1:02:05

Within a very short amount of time, the productivity and creativity improvements envisioned by generative artificial intelligence (AI), such as using tools based on large language models (LLMs), have taken the software engineering community by storm. The industry is in a race to develop your next best software development tool. Organizations are pe…

1
Secure Systems Don’t Happen by Accident 59:08

29d ago59:08

59:08

Traditionally, cybersecurity has focused on finding and removing vulnerabilities. This is like driving backward down the highway using your rearview mirror. Most breaches are due to defects in design or code; thus, the only way to truly address the issue is to design and build more secure solutions. In this webcast, Tim Chick discusses how security…

1
Can You Rely on Your AI? Applying the AIR Tool to Improve Classifier Performance 38:50

1M ago38:50

38:50

Modern analytic methods, including artificial intelligence (AI) and machine learning (ML) classifiers, depend on correlations; however, such approaches fail to account for confounding in the data, which prevents accurate modeling of cause and effect and often leads to prediction bias. The Software Engineering Institute (SEI) has developed a new AI …

1
Using a Scenario to Reason About Implementing a Zero Trust Strategy 1:02:22

2M ago1:02:22

1:02:22

There is a lot of documentation about a zero trust architecture, as well as directives that it be used for U.S. federal agencies and the Department of Defense (DoD), but little information on how to go about implementing it to improve an organization’s enterprise or DoD weapon system security. Use cases typically describe requirements for these sys…

1
Ask Us Anything: Supply Chain Risk Management 41:11

5M ago41:11

41:11

According to the Verizon Data Breach Report, Log4j-related exploits have occurred less frequently over the past year. However, this Common Vulnerabilities and Exposures (CVE) flaw was originally documented in 2021. The threat still exists despite increased awareness. Over the past few years, the Software Engineering Institute (SEI) has developed gu…

1
The Future of Software Engineering and Acquisition with Generative AI 1:32:10

6M ago1:32:10

1:32:10

We stand at a pivotal moment in software engineering, with artificial intelligence (AI) playing a crucial role in driving approaches poised to enhance software acquisition, analysis, verification, and automation. While generative AI tools initially sparked excitement for their potential to reduce errors, scale changes effortlessly, and drive innova…

1
Cyber Supply Chain Risk Management: No Silver Bullet 38:40

9M ago38:40

38:40

Compliance standards, privileged access management, software bills of materials (SBOMs), maturity models, cloud services, vulnerability management, etc. The list of potential solutions to supply chain risk management (SCRM) challenges seems unending as much as it is daunting to address. In this webcast, Brett Tucker explores some of these solutions…

1
Ask Us Anything: Generative AI Edition 1:30:37

10M ago1:30:37

1:30:37

Generative AI (GenAI) has been around for decades, but the latest leap in progress, fueled by high-capability large language models (LLMs), image and video generators, and AI pair programmers, has captivated audiences across a variety of disciplines. What can GenAI do well? What are the risks and opportunities of using GenAI? SEI experts Doug Schmi…

1
Evaluating Trustworthiness of AI Systems 1:02:08

10M ago1:02:08

1:02:08

AI system trustworthiness is dependent on end users’ confidence in the system’s ability to augment their needs. This confidence is gained through evidence of the system’s capabilities. Trustworthy systems are designed with an understanding of the context of use and careful attention to end-user needs. In this webcast, SEI researchers discuss how to…

1
Leveraging Software Bill of Materials Practices for Risk Reduction 1:02:03

10M ago1:02:03

1:02:03

A Software Bill of Materials (SBOM) is a comprehensive list of software components involved in the development of a software product. While recently gaining attention in the context of security, SBOMs have limited value unless properly integrated into effective cyber risk management processes and practices. The SEI SBOM Framework compiles a set of …

1
Institutionalizing the Fundamentals of Insider Risk Management 56:33

11M ago56:33

56:33

Insider threats pose an enduring, ever-evolving risk to an organization’s critical assets that require enterprise-wide participation to manage effectively. Many organizations struggle to make critical tasks in insider risk management “stick,” relying on several crutches to drive temporary organizational change, only to see those changes come undone…

1
What’s Wrong with ROI for Model-Based Analysis of Cyber-Physical Systems? 56:06

11M ago56:06

56:06

In this webcast, Fred Schenker, Jerome Hugues, and Linda Parker Gates discuss the benefits of using a model-based approach to improve the design of a CPS’ embedded computing resources. This is accomplished by (1) building virtual architectural models of the CPS’ embedded computing resources early in the system development lifecycle and (2) using th…

1
Will Rust Solve Software Security? 53:38

12M ago53:38

53:38

The Rust programming language makes some strong claims about the security of Rust code. In this webcast, David Svoboda and Joe Sible will evaluate the Rust programming language from a cybersecurity perspective. They will examine Rust's security model, both in what it promises and its limitations. They will also examine how secure Rust code has been…

1
Top 5 Challenges to Overcome on Your DevSecOps Journey 1:00:36

1y ago1:00:36

1:00:36

Historically, a lot of discussion in software security focused on the project level, emphasizing code scanning, penetration testing, reactive approaches for incident response, and so on. Today, the discussion has shifted to the program level to align with business objectives. In the ideal outcome of such a shift, software teams would act in alignme…

1
Improving Analytics Using Enriched Network Flow Data 1:02:25

1y ago1:02:25

1:02:25

Classic tool suites that are used to process network flow records deal with very limited detail on the network connections they summarize. These tools limit detail for several reasons: (1) to maintain long-baseline data, (2) to focus on security-indicative data fields, and (3) to support data collection across large or complex infrastructures. Howe…

1
Innovate to Win - Defense Acquisition University and Innovation Readiness Assesment 40:43

1+ y ago40:43

40:43

Join us as DEF's Executive Director sits with Dr. Marina Theodotou, Lolita Horne and Eric Farraro of DAU! Using industry and academic research, and insights from the workforce, the Defense Acquisition University (DAU) created the Innovation Competencies and Skills Model. The model includes a self-assessment and personalized learning recommendations…

1
The Masked Innovator 33:55

1+ y ago33:55

33:55

The Masked Innovator is a new take on Podcasts from the Defense Entrepreneurs Forum! Take a listen and see if you can figure out who the guests are before the end! No self promotions, no sales pitches, just honest opinions on the topic of innovation within the Department of Defense!

1
How Can Data Science Solve Cybersecurity Challenges? 1:00:01

1+ y ago1:00:01

1:00:01

In this webcast, Tom Scanlon, Matthew Walsh and Jeffrey Mellon discuss approaches to using data science and machine learning to address cybersecurity challenges. They provide an overview of data science, including a discussion of what constitutes a good problem to solve with data science. They also discuss applying data science to cybersecurity cha…

1
AI Next Generation Architecture 1:01:44

1+ y ago1:01:44

1:01:44

As Artificial Intelligence permeates mission-critical capabilities, it is paramount to design modular solutions to ensure rapid evolution and interoperability. During this webcast, we’ll discuss some of the primary quality attributes guiding such design, and how a Next Generation Architecture can facilitate an integrated future state. What attendee…

1
SBIR / STTR 101 37:21

1+ y ago37:21

37:21

Come learn how to navigate the challenging world of SBIR's and STTR's!

1
Addressing Supply Chain Risk and Resilience for Software-Reliant Systems 1:01:31

1+ y ago1:01:31

1:01:31

All technology acquired by an organization requires the support of (or integration with) components, tools, and services delivered by a diverse set of supply chains. However, the practices critical to addressing supply chain risks are typically scattered across many parts of the acquiring organization, and they are performed in isolated stovepipes.…

1
Midwest Mafia Update with Heath Murray 17:55

1+ y ago17:55

17:55

DEF's executive director Trish Martinelli talks with Heath Murray, the Indiana Agora lead, about the recent DEF Drink and Think and the importance of local Agoras in the national DEF ecosystem. Trish and Heath also discussed the unique nature of the DEF community and how it connects and empowers innovative thinkers in the national security space.…

1
Thoughts from the 757 with Nicholas Marchand 14:36

1+ y ago14:36

14:36

DEF's executive director Trish Martinelli talks with Nicholas Marchand, the lead for the 757 Agora. Nick hosted one of many DEF events on November 10, 2022, now unofficially known as National DEF Day. Trish and Nick discussed the 757 Agora, its unique position in the national security ecosystem, and the value local Agoras add to DEF's mission to in…

1
DEF in Chicago with Alex Gorsuch 13:49

1+ y ago13:49

13:49

DEF's executive director Trish Martinelli talks with Alex Gorsuch, the Chicago Agora lead, about his recent DEFx event, the Chicago entrepreneurial ecosystem, and his company Ascent. Trish and Alex also discuss future plans for the Chicago Agora and for DEF overall, and why individuals interested in the national security innovation space should get…

1
Does your DevSecOps Pipeline only Function as Intended? 52:40

1+ y ago52:40

52:40

Understanding and articulating cybersecurity risk is hard. With the adoption of DevSecOps tools and techniques and the increased coupling between the product being built and the tools used to build them, the attack surface of the product continues to grow by incorporating segments of the development environment. Thus, many enterprises are concerned…

1
Finding Your Way with Software Engineering Buzzwords 1:01:38

1+ y ago1:01:38

1:01:38

As a Software Engineering community, we started to hear new words with new definitions to achieve some challenges with deciding the shelf life of said terms. Some examples include: DevOps is dead, long live NoOps, SecOps, NoCode, SRE, GitOps, and recently Platform Engineering. We often confuse these terms in order to achieve certain software engine…

1
Infrastructure as Code Through Ansible 54:27

1+ y ago54:27

54:27

Infrastructure as code (IaC) is a concept that enables organizations to automate the provisioning and configuration of their IT infrastructure. This concept also aids organizations in applying the DevOps process (plan, code, build, test, release, deploy, operate, monitor, repeat) to their infrastructure. Ansible is a popular choice within the IaC t…

1
Applying the Principles of Agile to Strengthen the Federal Cyber Workforce 58:42

1+ y ago58:42

58:42

The lack of qualified cybersecurity professionals in the United States is a threat to our national security. We cannot adequately protect the systems that our government, economy, and critical infrastructure sectors rely on without an appropriately sized cyber workforce. By some estimates, there are over 700,000 cybersecurity job openings across th…

1
Ransomware: Defense and Resilience Strategies 58:55

1+ y ago58:55

58:55

Ransomware poses an imminent threat to most organizations. Whereas most traditional cyber attacks require extended threat actor engagement to seeking out critical information, exporting data, and demanding ransom from victims, ransomware shortens the process and puts immediate pressure on the victim to respond with payment. Unfortunately, the rise …

1
Using Open Source to Shrink the Cyber Workforce Gap 50:19

2y ago50:19

50:19

By all recent measures, the cybersecurity workforce is woefully understaffed. According to (ISC)², the cyber workforce gap in the United States was 377,000 open positions in 2021. The Software Engineering Institute (SEI) at Carnegie Mellon University (CMU) has been working with the U.S. government to development novel approaches designed to shrink …

1
Exploring an AI Engineering Body of Knowledge 1:02:21

2y ago1:02:21

1:02:21

In this webcast, Carol Smith, Carrie Gardner, and Michael Mattarock discuss maturing artificial intelligence (AI) practices based on our current body of knowledge. Much as it did for software engineering in the 1980s, the SEI has begun formalizing the field of AI engineering, beginning with identifying three fundamental pillars to guide AI engineer…

1
Purpose Motivates Performance, with Wendi Peck & Bill Casey 35:58

2y ago35:58

35:58

What role do clear meaning and purpose play in performance? Wendi Peck and Bill Casey of Executive Leadership Group (ELG.net) join me to discuss "Success on Purpose," how the elevated "why" behind one's work is so vital to motivation, performance and success. The article, Success on Purpose, may be read at https://bit.ly/3DmfAjH / This special "epi…

1
I Am Remarkable with Alexis Bonnell 24:33

2y ago24:33

24:33

DEF's executive director Trish Martinelli talks with Alexis Bonnell about her time as a facilitator at I Am Remarkable, a Google project seeking to inspire and empower working people to take pride in their achievements. This kind of empowerment is a critical component to true success and fulfillment in both the defense and innovation spheres.…

1
What are Deepfakes, and How Can We Detect Them? 1:00:00

2y ago1:00:00

1:00:00

In this webcast, Shannon Gallagher and Dominic Ross discuss what deepfakes are, and how they are building AI/ML tech to distinguish real from fake. They will start with some well-known examples of deepfakes and discuss what makes them distinguishable as fake for people and computers.By Shannon Gallagher and Dominic Ross

1
Adapting Agile and DevSecOps to Improve Non-Software Development Teams 1:03:07

2y ago1:03:07

1:03:07

Agile and DevSecOps have revolutionized software engineering practices. The strategies put forward in Agile and DevSecOps have eased many software engineering challenges and paved the way for continuous deployment pipelines. But what do you do when you're facing a problem that doesn't fit the model of a pure software engineering project? In this we…

1
Cheryl Johnson: AMBITION: The Missing Attribute in Your Employees 1:10:15

2y ago1:10:15

1:10:15

We sit down with Cheryl Johnson, Learning Consultant and author of the book, AMBITION: The Missing Attribute in Your Employees. We use the concepts of IQ and EQ and AQ (Ambition Quotient) as a springboard for a conversation that explores human performance through the lens of Ambition. Johnson contends that "AQ" is the cream that rises to the top of…

1
Predictable Use of Multicore in the Army and Beyond 58:18

2y ago58:18

58:18

Complex, cyber-physical DoD systems, such as aircraft, depend on correct timing to properly and reliably execute crucial sensing, computing, and actuation functions. In this webcast, SEI staff members Bjorn Andersson, PhD, Dionisio de Niz, PhD, and William Vance of the U.S. Army Combat Capabilities Development Command Aviation & Missile Center disc…

1
Tim Slade: The ELearning Designer's Handbook 35:49

2+ y ago35:49

35:49

If we're honest, ELearning development can be overwhelming, especially for newer instructional designers. There's a wealth of theory to learn, plus multiple disciplines that come together to form the requisite skillset. Who can we turn to to make it easier? Tim Slade is an author, speaker and freelance eLearning designer who has been recognized and…

1
Ask Us Anything: Zero Trust Edition 1:02:27

2+ y ago1:02:27

1:02:27

The Forrester report, "The Definition of Modern Zero Trust," defines Zero Trust as an information security model that denies access to applications and data by default. Zero Trust adoption can be difficult for organizations to undertake. It is not a specific technology to adopt; instead, it’s an initiative that an enterprise must understand, interp…

1
Foundry, call to action! 57:28

2+ y ago57:28

57:28

The National Security Innovation Network (NSIN “Esign”) runs a program called “Foundry” that matches DOD technology with Entrepreneurs with the goal of creating private entities to sell the DOD technology to both the commercial and public/DoD sector. Featuring: Mark Anholt – Program Manager of Foundry, can speak to program, selection critea, histor…

1
Agora-In-A-Box 54:49

2+ y ago54:49

54:49

On January 31st, 2022 we hosted our first Agora Launch party. An event where we 'unboxed' the Agora-In-A-Box tool and demonstrated the process it takes to start a new Agora. We had a great turnout and are excited to see how many Agora will emerge in the coming months. If you weren't able to attend you can now listen to the recording from the event.…

1
Acquisition Disasters? Ideas For Reducing Acquisition Risk 47:28

2+ y ago47:28

47:28

The status quo for how we acquire cyber-physical weapon systems (CPS) needs to be changed. It is almost certain (for any acquisition of a CPS) that there will be cost overruns, schedule delays, and/or the loss of promised warfighter capability. Improved product development technologies could be applied, but they have not been adopted widely. We wil…

1
Engineering Tactical and AI-Enabled Systems 22:08

2+ y ago22:08

22:08

In this episode, Grace Lewis and Shane McGraw discuss how the SEI is applying research, through its highly successful Tactical and AI-Enabled Systems (TAS) initiative, to develop foundational principles, innovative solutions, and best practices for architecting, developing, and deploying tactical and AI-enabled systems. These systems will provide s…

1
Q1 Saturday Super Summit 26:26

2+ y ago26:26

26:26

On the 29th of January as another big storm bore down on the Northeast, the Defense Entrepreneurs Forum (DEF) held it’s quarterly volunteer summit, and the first Summit under the new Executive Director Trish Martinelli. More than 15 volunteers, leaders, staff, past and present Executive Directors, and DEF Board members kicked off the Summit and inv…

1
A Cybersecurity Engineering Strategy for DevSecOps 59:23

2+ y ago59:23

59:23

In this webcast, Carol Woody presents the scope of a cybersecurity engineering strategy for DevSecOps along with the criticality of sharing information with direct and indirect stakeholders.By Carol Woody

1
CRO Success Factors in the Age of COVID 55:59

2+ y ago55:59

55:59

In this webcast, Brett Tucker, Ryan Zanin, and Abid Adam discuss the critical factors for risk executives to be successful to not only protect critical assets but also to take advantage of new opportunities created via the pandemic.By Brett Tucker, Ryan Zanin, and Abid Adam

1
Zero Trust Journey 1:02:20

3y ago1:02:20

1:02:20

Zero Trust Architecture adoption is a challenge for many organizations. It isn't a specific technology to adopt; instead, it’s a security initiative that an enterprise must understand, interpret, and implement. Enterprise security initiatives are never simple, and their goal to improve the enterprise’s cybersecurity posture requires the alignment o…

1
The Future of AI: Scaling AI Through AI Engineering 1:01:59

3y ago1:01:59

1:01:59

In its 2021 report, the National Security Commission on AI (NSCAI) wrote, "The impact of artificial intelligence (AI) on the world will extend far beyond narrow national security applications." How do we move beyond those narrow AI applications to gain strategic advantage? Join Dr. Matt Gaston, Director of the SEI AI Division, Dr. Steve Chien, NSCA…

1
Patti Shank: The Power of Multiple Choice 52:56

3y ago52:56

52:56

Dr. Patti Shank joins us to talk about her new book, Write Better Multiple Choice to Assess Learning. Often underestimated and sub-optimized, multiple choice questions are actually a powerful medium. Well-authored, they help us measure what matters in our learning. We explore the ways in which we go wrong and how to right the situation so we may ma…

1
AI Engineering: Ask Us Anything About Building AI Better 1:04:47

3y ago1:04:47

1:04:47

Self-driving cars are being tested in our cities, bespoke movie and product recommendations populate our apps, and we can count on our phones to route us around highway traffic... Why, then, do most AI deployments fail? What is needed to create, deploy, and maintain AI systems we can trust to meet our mission needs, particularly for defense and nat…

Podcasts Worth a Listen

Defense Acquisition University Podcasts

Podcasts Worth a Listen

Quick Reference Guide