Best Securecoding podcasts we could find (Updated March 2019)
Related podcasts: Softwareengineering Softwaredevelopment Softwarearchitecture Cybersecurity Tech  
Securecoding public [search 0]
×
Join millions of Player FM users today to get Securecoding news and insights whenever you like, even when you're offline. Podcast smarter with the podcast app that refuses to compromise … it's free and easy.
Podcast smarter! Player FM is free and easy.
show episodes
 
SEI experts offer a scheduled presentation and Q&A as a webinar that is recorded live and later offered as a webcast.
 
Loading …
show series
 
Cybersecurity operators have to keep up with a world that's constantly changing, and they may lack the tools, time, and access to learn how to face actual threats. Simulated environments may not appear or behave the way they do in real life, and classroom-based approaches don’t provide the big picture. Throughout this talk, our team of research ...…
 
In this webcast, Lori Flynn, a CERT senior software security researcher, describes the new features in SCALe v3, a research prototype tool. SCALe v2, available on GitHub, offers a subset of features available in SCALe v3. Over the last three years, as part of alert classification and prioritization research projects she has led, her team has ad ...…
 
In this first webcast in a two-part series, April Galyardt and Carson Sestili described what metadata is and what information can be gleaned from it. Social networks have become part of our daily lives. We browse, share, “like,” and generally communicate with friends using these tools every day. In the midst of all this, we rarely stop to consi ...…
 
In this webcast, we explain how the technology works and what makes it fundamentally different than its predecessors. We discuss where it fits (and where it doesn’t fit) and help set a rubric to help you determine if you need this technology.
 
Watch Jeff Boleng, Robert Schiela, Samuel Procter, Lena Pons, and Nathan VanHoudnos discuss "Three Software Innovations that DoD Needs Now".
 
Watch this lively discussion in which we answered attendee questions on all things Agile and DevOps.
 
During this webinar, Dr. Shannon examined the questions, science, and technology that builds trust with customers, other organizations, and society to ensure their security and privacy, and our own resilience and accountability.
 
Have software's repeated successes, and the assumption that they will continue endlessly, discounted perceptions of its importance among leadership in civilian government, national defense, and national security organizations?
 
This webinar focused on the development and application of combined data analytics and offered several examples of analytics that combine domain resolution data, network device inventory and configuration data, and intrusion detection.
 
Watch this webcast to gain insights into effective metrics programs in government settings.
 
In this discussion-focused webinar, Bob Binder and SuZ Miller will discuss 5 key questions that government organizations contemplating embarking on adopting automated test techniques and tools in an Agile environment are likely to have.
 
In this webinar we discussed the challenges facing the CRO role and about how CMU's new CRO program can help you address those challenges.
 
This webinar summarizes much of what the SEI has learned in its eight years of researching and facilitating adoption of Agile and Lean methods in software-reliant systems in government.
 
Network flow records provide a useful overview of traffic on a network that uses the Internet protocol (IP) to pass information. Huge numbers of bytes and thousands of packets can be summarized by a relatively small number of records, with few privacy concerns and a small record size (which aids both speed of retrieval and duration of storage). ...…
 
In this webinar, we discuss topics to consider when planning a large modernization project and share mitigation strategies for executing the modernization effort.
 
This webinar describes some of the issues involved in automating the collection and analysis of malware, which has seen exponential growth over the past decade.
 
For different reasons, usability is generally an afterthought in the cybersecurity tool development process. In this webinar, we teach the audience the value of defining the problem and how this impacts the software quality outcomes.
 
In this webinar, we discussed how you can improve your organization's secure coding capabilities and how to improve your workforce, processes, and tools to develop and verify the security of your software before it is deployed.
 
Over the past few years, there has been a veritable explosion of hiring in the field of data science. Just ten years ago, the phrase data scientist was almost unheard of; nowadays, data scientist positions are advertised across numerous industries, with a particular focus on high tech. What is this position and why is it relevant? In this webin ...…
 
Learn why secure coding practices are important to reduce common programming errors that lead to vulnerabilities.
 
Learn the importance of developing security requirements in the same time frame as functional requirements.
 
Learn how to better identify process improvements at your organization through new perspectives on secure software development and delivery.
 
Learn how to develop a vulnerability coordination capability, which helps you respond to vulnerabilities and demonstrates that you are serious about fixing them.
 
Last summer's Wired article describing vulnerabilities in the Jeep shows that software is being created and deployed with exploitable, yet avoidable, security flaws. So far, the automotive attacks have been largely demonstrations. However, successful cyber-attacks have been carried out on steel furnaces in Germany and the electrical grid in Ukr ...…
 
For two decades, the SEI has been instrumental in the creation and development of the field of software engineering known as software architecture. An architect whose skills and capabilities match a project's needs is more likely to be successful. So what are those skills? In this webinar, SEI researchers and an industry colleague discussed in ...…
 
This webinar proposed the Intelligence Preparation for Operational Resilience (IPOR) framework to create a model for structured analysis of your intelligence needs and a way to operationalize threat intelligence once you have received it. To build a structure to meet this end, the IPOR references and builds upon frameworks such as the military’ ...…
 
The most precious resource people have in today’s ever-connected world is their attention. Human interaction with information systems has continually shrunk from hours behind a terminal, to minutes interacting with a cell phone screen, to only 3–5 seconds glancing at a smart watch or wearable device. The key to making information immediately un ...…
 
Cyber situational awareness is an emerging topic in network operations and defense, yet the overarching concept of situational awareness has been widely used and studied extensively for decades. During this webinar, we will • describe the foundations of cyber situational awareness • explore how to apply situational awareness concepts to the cyb ...…
 
The implementation of DevOps implies improvement across the entire scope of software delivery. However, as with any process change or introduction of new technology, lack of attention to security can invite disaster. In this presentation, we’ll explore some of the security-related topics and expectations that can be addressed when planning and ...…
 
A surprisingly large number of different types of testing exist and are used during the development and operation of software-reliant systems. We have identified nearly 200 of these general types of testing and there are many additional types that are application-domain specific. While most testers, test managers, and other testing stakeholders ...…
 
SEI Chief Operating Officer, Robert F. Behler discusses Cyber-Vulnerabilities in Aviation Today.
 
Will Dormann discusses a tool that shows whether a connection to the web is secure and what information is being transmitted.
 
Rhiannon Weaver discusses how a small subset of features from dynamic malware analysis can help to uncover possible relationships among files and to direct static reverse engineering efforts.
 
Jose Morales discusses mobile device security enhancements with defensive and offensive uses.
 
Greg Shannon discusses the CERT Division's current work associated with cyber community of interest (COI).
 
CERT researchers discuss risk management and resilience.
 
Rotem Guttman discusses how mission-readiness can be assessed at a DoD scale.
 
Will Klieber and Lori Flynn discuss undesired flows of sensitive information within and between Android apps.
 
About the Webinar DevOps is all about delivering business value as rapidly as possible. Embracing its philosophies goes beyond implementing automation and tooling to speed software development and delivery. DevOps is a culture of communication and collaboration. For many of us, shifting to this new culture can create organizational "culture sho ...…
 
The definition of DevOps is a highly contested topic. Despite what some will lead you to believe DevOps is not just a set of tools, nor is it merely a focus on achieving continuous integration, continuous delivery, or continuous deployment. DevOps practices enable a team to achieve the level of coordination and understanding necessary to realiz ...…
 
While software security is an increasing concern for software and system architects, few architects approach this quality concern strategically. Architects and developers primarily focus on functionality, and security is often applied as a band-aid solution after an application has been developed. In the second talk we report on three case stud ...…
 
Software architecture has enormous influence on the behavior of a system. For many categories of systems, early architectural decisions can be a greater influence on success than nearly any other factor. After more than twenty years of research and practice, the foundations for software architecture have been established and codified, but chall ...…
 
Sound cyber intelligence practices can help organizations prevent or mitigate major security breaches. For several years, researchers at the SEI have been examining methodologies, processes, technology, and training to help organizations understand what it means to perform the work of cyber intelligence. To spur further development and advance ...…
 
Soldiers and front-line personnel operating in tactical environments increasingly make use of handheld devices to help with tasks such as face recognition, language translation, decision making, and mission planning. These resource-constrained edge environments are characterized by dynamic context, limited computing resources, high levels of st ...…
 
In this webinar, John Haller and Matthew Butkovic of the CERT Division of the Software Engineering Institute will discuss real-world incidents, including recent industrial control system attacks and incidents affecting Department of Defense capabilities, and the lessons that organizations should take away. The session will focus on the lifecycl ...…
 
Most software systems have “defects” identified by users or developers. For most systems, it is too costly to fix all of the concerns in the near term, and indeed some issues may never be addressed. The government program office (or other procuring organization) has an obligation to choose wisely among a set of competing defects to be repaired, ...…
 
Safety-critical systems, such as those used in avionics and the medical and aerospace domains, are becoming increasingly reliant on software. Malfunctions in these systems can have significant consequences, including mission failure and loss of life. As a result, they must be designed, verified, and validated carefully to ensure that they compl ...…
 
Watch Dave Zubrow discuss "Taking Advantage of Agile while Minimizing Risk" at the Agile for Government Summit. The purpose of this event was to: *foster better understanding of how agile software development methods are providing the basis for incremental and modular acquisition across Government *to discuss the changing technology of modern i ...…
 
On April 25, 2014, technical staff from the Software Engineering Institute (SEI) and Codenomicon participated in a live-streamed panel discussion on the impact of the Heartbleed OpenSSL vulnerability along with methods to mitigate and even prevent crises like this in the future. Chris Clark, Security Engineer from Codenomicon, one of the cybers ...…
 
Watch Ipek Ozkaya discuss “Why Should Government Care about Technical Debt and Software Architecture?” at the Agile for Government Summit. The purpose of this event was to: • foster better understanding of how agile software development methods are providing the basis for incremental and modular acquisition across Government, and • to discuss t ...…
 
Google login Twitter login Classic login