BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
Player FM - Internet Radio Done Right
12 subscribers
Checked 8d ago
Tilføjet three år siden
Indhold leveret af Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
Minder om Software Engineering Institute (SEI) Podcast Series
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
))
Daily Deals
Podcasts der er værd at lytte til
SPONSORERET
S
Species Unite
“If we march into that village and we start trying to persecute people for using poison, something that's very illegal, nobody's going to talk to us. We're not going to find out where the poison came from. We're not going to be able to shut anything down. We should take the approach that people are using poison because they're desperate, because they see no other alternative.” – Andrew Stein Andrew Stein is a wildlife ecologist who spent the past 25 years studying human carnivore conflict from African wild dogs and lions in Kenya and Botswana to leopards and hyenas in Namibia. His work has long focused on finding ways for people and predators to coexist. He is the founder of CLAWS , an organization based in Botswana that's working at the intersection of cutting-edge wildlife research and community driven conservation. Since its start in 2014 and official launch as an NGO in 2020, CLAWS has been pioneering science-based, tech-forward strategies to reduce conflict between people and carnivores. By collaborating closely with local communities, especially traditional cattle herders, CLAWS supports both species conservation and rural livelihoods—making coexistence not just possible, but sustainable.…
An Introduction to Software Cost Estimation
Manage episode 453724276 series 3018913
Indhold leveret af Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
Software cost estimation is an important first step when beginning a project. It addresses important questions regarding budget, staffing, scheduling, and determining if the current environment will support the project. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Anandi Hira, a data scientist on the SEI’s Software Engineering Measurement and Analysis team sits down with Bill Nichols, principal engineer and SEI data science team lead, to discuss software cost estimation including various metrics, best practices, and common challenges when developing or building a model.
407 episoder
DelManage episode 453724276 series 3018913
Indhold leveret af Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
Software cost estimation is an important first step when beginning a project. It addresses important questions regarding budget, staffing, scheduling, and determining if the current environment will support the project. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Anandi Hira, a data scientist on the SEI’s Software Engineering Measurement and Analysis team sits down with Bill Nichols, principal engineer and SEI data science team lead, to discuss software cost estimation including various metrics, best practices, and common challenges when developing or building a model.
407 episoder
Alle episoder
×
1 Delivering Next Generation Cyber Capabilities to the DoD Warfighter 27:16
27:16 
Afspil senere 
Afspil senere 
Lister 
Like 
Liked27:16
Afspil senere Afspil senere Lister Like LikedIn this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Gregory Touhill, director of the SEI CERT Division, sits down with Matthew Butkovic, technical director of Cyber Risk and Resilience at CERT, to discuss ways in which CERT researchers and technologists are working to deliver rapid capability to warfighters in the Department of Defense.…
1 Getting the Most Out of Your Insider Risk Data with IIDES 39:14
39:14 Afspil senere Afspil senere Lister Like Liked39:14
Afspil senere Afspil senere Lister Like LikedInsider incidents cause around 35 percent of data breaches, creating financial and security risks for organizations. In this podcast from the Carnegie Mellon University Software Engineering Institute, Austin Whisnant and Dan Costa discuss the Insider Incident Data Expression Standard (IIDES), a new schema for collecting and sharing data about insider incidents. IIDES facilitates insider incident information handling to help organizations better protect themselves against the compromise of sensitive information and mission-critical systems, which is essential to maintaining national security and defense.…
1 Grace Lewis Outlines Vision for IEEE Computer Society Presidency 18:14
18:14 Afspil senere Afspil senere Lister Like Liked18:14
Afspil senere Afspil senere Lister Like LikedGrace Lewis , a principal researcher at the Carnegie Mellon University Software Engineering Institute (SEI) and lead of the SEI’s Tactical and AI-Enabled Systems Initiative, was elected the 2026 president of the IEEE Computer Society (CS), the largest community of computer scientists and engineers, with more than 370,000 members around the world. In this SEI podcast, Lewis sits down with Ipek Ozkaya, technical director of Engineering Intelligent Software Systems, to discuss her vision and plans for the IEEE CS presidency.…
1 Improving Machine Learning Test and Evaluation with MLTE 29:06
29:06 Afspil senere Afspil senere Lister Like Liked29:06
Afspil senere Afspil senere Lister Like LikedMachine learning (ML) models commonly experience issues when integrated into production systems. In this podcast, researchers from the Carnegie Mellon University Software Engineering Institute and the U.S. Army AI Integration Center (AI2C) discuss Machine Learning Test and Evaluation (MLTE), a new tool that provides a process and infrastructure for ML test and evaluation. MLTE can aid organizations across the DoD in more effectively negotiating, documenting, and evaluating model and system qualities.…
1 DOD Software Modernization: SEI Impact and Innovation 27:12
27:12 Afspil senere Afspil senere Lister Like Liked27:12
Afspil senere Afspil senere Lister Like LikedAs software size, complexity, and interconnectedness has grown, software modernization within the Department of Defense (DoD) has become more important than ever. In this discussion moderated by Matthew Butkovic, technical director of risk and resilience in the SEI CERT Division, SEI director Paul Nielsen outlines the SEI’s work with the DoD on software modernization, including controlling the attack surface, incorporating industry practices such as DevSecOps, and the interplay between software, cybersecurity, and AI.…
1 Securing Docker Containers: Techniques, Challenges, and Tools 39:09
39:09 Afspil senere Afspil senere Lister Like Liked39:09
Afspil senere Afspil senere Lister Like LikedContainerization allows developers to run individual software applications in an isolated, controlled, repeatable way. With the increasing prevalence of cloud computing environments, containers are providing more and more of their underlying architecture. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Sasank Venkata Vishnubhatla and Maxwell Trdina, both engineers in the SEI CERT Division, sit down with Tim Chick, technical manager of the Applied Systems Group, to explore issues surrounding containerization, including recent vulnerabilities.…
1 An Introduction to Software Cost Estimation 22:55
22:55 Afspil senere Afspil senere Lister Like Liked22:55
Afspil senere Afspil senere Lister Like LikedSoftware cost estimation is an important first step when beginning a project. It addresses important questions regarding budget, staffing, scheduling, and determining if the current environment will support the project. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Anandi Hira, a data scientist on the SEI’s Software Engineering Measurement and Analysis team sits down with Bill Nichols, principal engineer and SEI data science team lead, to discuss software cost estimation including various metrics, best practices, and common challenges when developing or building a model.…
1 Cybersecurity Metrics: Protecting Data and Understanding Threats 27:00
27:00 Afspil senere Afspil senere Lister Like Liked27:00
Afspil senere Afspil senere Lister Like LikedOne of the biggest challenges in collecting cybersecurity metrics is scoping down objectives and determining what kinds of data to gather. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Bill Nichols, who leads the SEI’s Software Engineering Measurements and Analysis Group, discusses the importance of cybersecurity measurement, what kinds of measurements are used in cybersecurity, and what those metrics can tell us about cyber systems.…
1 3 Key Elements for Designing Secure Systems 36:28
36:28 Afspil senere Afspil senere Lister Like Liked36:28
Afspil senere Afspil senere Lister Like LikedTo make secure software by design a reality, engineers must intentionally build security throughout the software development lifecycle. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Timothy A. Chick, technical manager of the Applied Systems Group in the SEI’s CERT Division, discusses building, designing, and operating secure systems.…
1 Using Role-Playing Scenarios to Identify Bias in LLMs 45:07
45:07 Afspil senere Afspil senere Lister Like Liked45:07
Afspil senere Afspil senere Lister Like LikedHarmful biases in large language models (LLMs) make AI less trustworthy and secure. Auditing for biases can help identify potential solutions and develop better guardrails to make AI safer. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Katie Robinson and Violet Turri, researchers in the SEI’s AI Division, discuss their recent work using role-playing game scenarios to identify biases in LLMs.…
1 Best Practices and Lessons Learned in Standing Up an AISIRT 38:29
38:29 Afspil senere Afspil senere Lister Like Liked38:29
Afspil senere Afspil senere Lister Like LikedIn the wake of widespread adoption of artificial intelligence (AI) in critical infrastructure, education, government, and national security entities, adversaries are working to disrupt these systems and attack AI-enabled assets. With nearly four decades in vulnerability management, the Carnegie Mellon University Software Engineering Institute (SEI) recognized a need to create an entity that would identify, research, and identify mitigation strategies for AI vulnerabilities to protect national assets against traditional cybersecurity, adversarial machine learning, and joint cyber-AI attacks. In this SEI podcast, Lauren McIlvenny, director of threat analysis in the SEI’s CERT Division, discusses best practices and lessons learned in standing up an AI Security Incident Response Team (AISIRT).…
1 3 API Security Risks (and How to Protect Against Them) 19:28
19:28 Afspil senere Afspil senere Lister Like Liked19:28
Afspil senere Afspil senere Lister Like LikedThe exposed and public nature of application programming interfaces (APIs) come with risks including the increased network attack surface. Zero trust principles are helpful for mitigating these risks and making APIs more secure. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), McKinley Sconiers-Hasan, a solutions engineer in the SEI CERT Division, discusses three API risks and how to address them through the lens of zero trust.…
1 Evaluating Large Language Models for Cybersecurity Tasks: Challenges and Best Practices 43:05
43:05 Afspil senere Afspil senere Lister Like Liked43:05
Afspil senere Afspil senere Lister Like LikedHow can we effectively use large language models (LLMs) for cybersecurity tasks? In this Carnegie Mellon University Software Engineering Institute podcast, Jeff Gennari and Sam Perl discuss applications for LLMs in cybersecurity, potential challenges, and recommendations for evaluating LLMs.
1 Capability-based Planning for Early-Stage Software Development 33:55
33:55 Afspil senere Afspil senere Lister Like Liked33:55
Afspil senere Afspil senere Lister Like LikedCapability-Based Planning (CBP) defines a framework that has an all-encompassing view of existing abilities and future needs for strategically deciding what is needed and how to effectively achieve it. Both business and government acquisition domains use CBP for financial success or to design a well-balanced defense system. The definitions understandably vary across these domains. In this SEI podcast, Anandi Hira, a data scientist, and William R. Nichols, an initiative lead for Software Engineering Measurement and Analysis, introduce CBP and its use and application in software acquisition.…
1 Safeguarding Against Recent Vulnerabilities Related to Rust 26:25
26:25 Afspil senere Afspil senere Lister Like Liked26:25
Afspil senere Afspil senere Lister Like LikedWhat can the recently discovered vulnerabilities related to Rust tell us about the security of the language? In this podcast from the Carnegie Mellon University Software Engineering Institute, David Svoboda discusses two vulnerabilities, their sources, and how to mitigate them.
S
Software Engineering Institute (SEI) Podcast Series
1 Developing a Global Network of Computer Security Incident Response Teams (CSIRTs) 30:51
30:51 Afspil senere Afspil senere Lister Like Liked30:51
Afspil senere Afspil senere Lister Like LikedCybersecurity risks aren’t just a national concern. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), the CERT division’s Tracy Bills, senior cybersecurity operations researcher and team lead, and James Lord, security operations technical manager, discuss the SEI’s work developing Computer Security Incident Response Teams (CSIRTs) across the globe.…
S
Software Engineering Institute (SEI) Podcast Series
1 Automated Repair of Static Analysis Alerts 27:05
27:05 Afspil senere Afspil senere Lister Like Liked27:05
Afspil senere Afspil senere Lister Like LikedDevelopers know that static analysis helps make code more secure. However, static analysis tools often produce a large number of false positives, hindering their usefulness. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Svoboda, a software security engineer in the SEI’s CERT Division, discusses Redemption, a new open source tool from the SEI that automatically repairs common errors in C/C++ code generated from static analysis alerts, making code safer and static analysis less overwhelming.…
S
Software Engineering Institute (SEI) Podcast Series
1 Developing and Using a Software Bill of Materials Framework 37:37
37:37 Afspil senere Afspil senere Lister Like Liked37:37
Afspil senere Afspil senere Lister Like LikedWith the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.…
S
Software Engineering Institute (SEI) Podcast Series
1 Using Large Language Models in the National Security Realm 34:45
34:45 Afspil senere Afspil senere Lister Like Liked34:45
Afspil senere Afspil senere Lister Like LikedAt the request of the White House, the Office of the Director of National Intelligence (ODNI) began exploring use cases for large language models (LLMs) within the Intelligence Community (IC). As part of this effort, ODNI sponsored the Mayflower Project at Carnegie Mellon University’s Software Engineering Institute (SEI) from May 2023 through September 2023. The Mayflower Project attempted to answer the following questions: How might the IC set up a baseline, stand-alone LLM? How might the IC customize LLMs for specific intelligence use cases? How might the IC evaluate the trustworthiness of LLMs across use cases? In this SEI Podcast, Shannon Gallagher, AI engineering team lead, and Rachel Dzombak, special advisor to the director of the SEI’s AI Division, discuss the findings and recommendations from the Mayflower Project and provides additional background information about LLMs and how they can be engineered for national security use cases.…
S
Software Engineering Institute (SEI) Podcast Series
1 Atypical Applications of Agile and DevSecOps Principles 33:41
33:41 Afspil senere Afspil senere Lister Like Liked33:41
Afspil senere Afspil senere Lister Like LikedModern software engineering practices of Agile and DevSecOps have provided a foundation for producing working software products faster and more reliably than ever before. Far too often, however, these practices do not address the non-software concerns of business mission and capability delivery even though these concerns are critical to the successful delivery of a software product. Through our work with government organizations, we have found that expanding DevSecOps beyond product development enables other teams to increase their capabilities and improve their processes. Agile methodologies are also being used for complex system and hardware developments. In this podcast from the Carnegie Mellon University Software Engineering Institute, Lyndsi Hughes, a senior systems engineer and David Sweeney, an associate software developer, both with the SEI CERT Division, share their experiences leveraging DevSecOps pipelines in atypical situations in support of teams focused on the capability delivery and business mission for their organizations.…
S
Software Engineering Institute (SEI) Podcast Series
1 When Agile and Earned Value Management Collide: 7 Considerations for Successful Interaction 35:21
35:21 Afspil senere Afspil senere Lister Like Liked35:21
Afspil senere Afspil senere Lister Like LikedIncreasingly in government acquisition of software-intensive systems, we are seeing programs using Agile development methodology and earned value management. While there are many benefits to using both Agile and EVM, there are important considerations that software program managers must first address. In this podcast, Patrick Place, a senior engineer, and Stephen Wilson, a test engineer, both with the SEI Agile Transformation Team, discuss seven considerations for successful use of Agile and EVM.…
S
Software Engineering Institute (SEI) Podcast Series
1 The Impact of Architecture on Cyber-Physical Systems Safety 34:05
34:05 Afspil senere Afspil senere Lister Like Liked34:05
Afspil senere Afspil senere Lister Like LikedAs developers continue to build greater autonomy into cyber-physical systems (CPSs), such as unmanned aerial vehicles (UAVs) and automobiles, these systems aggregate data from an increasing number of sensors. However, more sensors not only create more data and more precise data, but they require a complex architecture to correctly transfer and process multiple data streams. This increase in complexity comes with additional challenges for functional verification and validation, a greater potential for faults, and a larger attack surface. What’s more, CPSs often cannot distinguish faults from attacks. To address these challenges, researchers from the SEI and Georgia Tech collaborated on an effort to map the problem space and develop proposals for solving the challenges of increasing sensor data in CPSs. In this podcast from the Carnegie Mellon University Software Engineering Institute, Jerome Hugues, a principal researcher in the SEI Software Solutions Division, discusses this collaboration and its larger body of work, Safety Analysis and Fault Detection Isolation and Recovery (SAFIR) Synthesis for Time-Sensitive Cyber-Physical Systems.…
S
Software Engineering Institute (SEI) Podcast Series
1 ChatGPT and the Evolution of Large Language Models: A Deep Dive into 4 Transformative Case Studies 46:22
46:22 Afspil senere Afspil senere Lister Like Liked46:22
Afspil senere Afspil senere Lister Like LikedTo better understand the potential uses of large language models (LLMs) and their impact, a team of researchers at the Carnegie Mellon University Software Engineering Institute CERT Division conducted four in-depth case studies. The case studies span multiple domains and call for vastly different capabilities. In this podcast, Matthew Walsh, a senior data scientist in CERT, and Dominic Ross, Multi-Media Design Team lead, discuss their work in developing the four case studies as well as limitations and future uses of ChatGPT.…
S
Software Engineering Institute (SEI) Podcast Series
1 The Cybersecurity of Quantum Computing: 6 Areas of Research 23:01
23:01 Afspil senere Afspil senere Lister Like Liked23:01
Afspil senere Afspil senere Lister Like LikedResearch and development of quantum computers continues to grow at a rapid pace. The U.S. government alone spent more than $800 million on quantum information science research in 2022. Thomas Scanlon, who leads the data science group in the SEI CERT Division, was recently invited to be a participant in the Workshop on Cybersecurity of Quantum Computing , co-sponsored by the National Science Foundation (NSF) and the White House Office of Science and Technology Policy, to examine the emerging field of cybersecurity for quantum computing. In this podcast from the Carnegie Mellon University Software Engineering Institute, Scanlon discusses how to create the discipline of cyber protection of quantum computing and outlines six areas of future research in quantum cybersecurity.…
S
Software Engineering Institute (SEI) Podcast Series
Far too often software programs continue to collect metrics for no other reason than that is how it has always been done. This leads to situations where, for any given environment, a metrics program is defined by a list of metrics that must be collected. A top-down, deterministic specification of graphs or other depictions of data required by the metrics program can distract participants from the potentially useful information that the metrics reveal and illuminate. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Will Hayes, who leads the Agile Transformation Team, and Patrick Place, a principal engineer on that team, discuss with principal researcher Suzanne Miller, how user stories can help put development in the context of who is using the system and lead to a conversation about why a specific metric is being collected.…
S
Software Engineering Institute (SEI) Podcast Series
1 The Product Manager’s Evolving Role in Software and Systems Development 24:19
24:19 Afspil senere Afspil senere Lister Like Liked24:19
Afspil senere Afspil senere Lister Like LikedIn working with software and systems teams developing technical products, Judy Hwang, a senior software engineer in the SEI CERT Division, observed that teams were not investing the time, resources and effort required to manage the product lifecycle of a successful product. These activities include thoroughly exploring the problem space by talking to users, assessing existing solutions, understanding the competition, and positioning the product to create value for customers. In this podcast from the Carnegie Mellon University Software Engineering Institute, Hwang talks with principal researcher Suzanne Miller about the importance of implementing foundational product management principles in software and systems development and offers resources for audience members who looking to strengthen their Agile product delivery practices.…
S
Software Engineering Institute (SEI) Podcast Series
1 Measuring the Trustworthiness of AI Systems 19:27
19:27 Afspil senere Afspil senere Lister Like Liked19:27
Afspil senere Afspil senere Lister Like LikedThe ability of artificial intelligence (AI) to partner with the software engineer, doctor, or warfighter depends on whether these end users trust the AI system to partner effectively with them and deliver the outcome promised. To build appropriate levels of trust, expectations must be managed for what AI can realistically deliver. In this podcast from the SEI’s AI Division, Carol Smith, a senior research scientist specializing in human-machine interaction, joins design researchers Katherine-Marie Robinson and Alex Steiner, to discuss how to measure the trustworthiness of an AI system as well as questions that organizations should ask before determining if it wants to employ a new AI technology.…
S
Software Engineering Institute (SEI) Podcast Series
1 Actionable Data in the DevSecOps Pipeline 31:58
31:58 Afspil senere Afspil senere Lister Like Liked31:58
Afspil senere Afspil senere Lister Like LikedIn this podcast from the Carnegie Mellon University Software Engineering Institute, Bill Nichols and Julie Cohen talk with Suzanne Miller about how automation within DevSecOps product-development pipelines provides new opportunities for program managers (PMs) to confidently make decisions with the help of readily available data. As in commercial companies, DoD PMs are accountable for the overall cost, schedule, and performance of a program. The PM’s job is even more complex in large programs with multiple software-development pipelines where cost, schedule, performance, and risk for the products of each pipeline must be considered when making decisions, as well as the interrelationships among products developed on different pipelines. Nichols and Cohen discuss how PMs can collect and transform unprocessed DevSecOps development data into useful program-management information that can guide decisions they must make during program execution. The ability to continuously monitor, analyze, and provide actionable data to the PM from tools in multiple interconnected pipelines of pipelines can help keep the overall program on track.…
S
Software Engineering Institute (SEI) Podcast Series
1 Insider Risk Management in the Post-Pandemic Workplace 47:34
47:34 Afspil senere Afspil senere Lister Like Liked47:34
Afspil senere Afspil senere Lister Like LikedIn the wake of the COVID pandemic, the workforce decentralized and shifted toward remote and hybrid environments. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Dan Costa, technical manager of enterprise threat and vulnerability management, and Randy Trzeciak, deputy director of Cyber Risk and Resilience, both with the SEI’s CERT Division, discuss how remote work in the post-pandemic world is changing expectations about employee behavior monitoring and insider risk detection.…
S
Software Engineering Institute (SEI) Podcast Series
1 An Agile Approach to Independent Verification and Validation 31:57
31:57 Afspil senere Afspil senere Lister Like Liked31:57
Afspil senere Afspil senere Lister Like LikedIndependent verification and validation (IV&V) is a significant step in the process of deploying systems for mission-critical applications in the Department of Defense (DoD). In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Justin Smith, senior Agile transformation leader in the SEI Software Solutions Division, talks with principal researcher Suzanne Miller about how to bring concepts from Lean and Agile software development into the practice of IV&V. Smith describes his experiences at NASA’s Katherine Johnson IV&V Facility as a project manager for the Orion IV&V team. On that project, the developer employed Scaled Agile Framework (SAFe) as their development process, which had challenging consequences for established IV&V practices within NASA IV&V. Smith also discusses the ways in which NASA adapted to this change and describes strategies and tactics for reconciling Agile and IV&V.…
S
Software Engineering Institute (SEI) Podcast Series
1 Zero Trust Architecture: Best Practices Observed in Industry 27:53
27:53 Afspil senere Afspil senere Lister Like Liked27:53
Afspil senere Afspil senere Lister Like LikedZero trust architecture has the potential to improve an enterprise’s security posture. There is still considerable uncertainty about the zero trust transformation process, however, as well as how zero trust architecture will ultimately appear in practice. Recent executive orders have accelerated the timeline for zero trust adoption in the federal sector, and many private-sector organizations are following suit. Researchers in the CERT Division at the Carnegie Mellon University Software Engineering Institute (SEI) hosted Zero Trust Industry Days to enable industry stakeholders to share information about implementing zero trust. In this SEI podcast, CERT researchers Matthew Nicolai and Nathaniel Richmond discuss five zero trust best practices identified during the two-day event, explain their significance, and provide commentary and analysis on ways to empower your organization’s zero trust transformation.…
S
Software Engineering Institute (SEI) Podcast Series
1 Automating Infrastructure as Code with Ansible and Molecule 39:38
39:38 Afspil senere Afspil senere Lister Like Liked39:38
Afspil senere Afspil senere Lister Like LikedIn Ansible, roles allow system administrators to automate the loading of certain variables, tasks, files, templates, and handlers based on a known file structure. Grouping content by roles allows for easy sharing and reuse. When developing roles, users must deal with various concerns, including what operating system(s) and version(s) will be supported and whether a single node or a cluster of machines is needed. In this podcast from the Carnegie Mellon University Software Engineering Institute, Matthew Heckathorn, an integration engineer with the SEI’s CERT Division, offers guidance for systems engineers, system administrators, and others on developing Ansible roles and automating infrastructure as code.…
S
Software Engineering Institute (SEI) Podcast Series
1 Identifying and Preventing the Next SolarWinds 46:04
46:04 Afspil senere Afspil senere Lister Like Liked46:04
Afspil senere Afspil senere Lister Like LikedIn this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Gregory J. Touhill, director of the SEI CERT Division, talks with principal researcher Suzanne Miller about the 2020 attack on Solar Winds software and how to prevent a recurrence of another major attack on key systems that are in widespread use. Solar Winds is the name of a company that provided software to the U.S. federal government. In late 2020, news surfaced about a cyberattack that had already been underway for several months and that had reportedly compromised 250 government agencies, including the Treasury Department, the State Department, and nuclear research labs. In addition to compromising data, the attack resulted in financial losses of more than $90 million and was probably one of the most dangerous modern attacks on software and software-based businesses and government agencies in the recent past. The SolarWinds incident demonstrated the challenges of securing systems when they are the product of complex supply chains. In this podcast, Touhill discusses topics including the need for systems to be secure by design and secure by default, the importance of transparency in the reporting of vulnerabilities and anomalous system behavior, the CERT Acquisition Security Framework, the need to secure data across a wide range of disparate devices and systems, and tactics and strategies for individuals and organizations to safeguard their data and the systems they rely on daily.…
S
Software Engineering Institute (SEI) Podcast Series
1 A Penetration Testing Findings Repository 25:47
25:47 Afspil senere Afspil senere Lister Like Liked25:47
Afspil senere Afspil senere Lister Like LikedIn this podcast from the Carnegie Mellon University Software Engineering Institute (SEI) Marisa Midler and Samantha Chaves, penetration testers with the SEI’s CERT Division, talk with Suzanne Miller about a penetration-testing repository that they helped to build. The repository is a source of information for active directory, phishing, mobile technology, systems and services, web applications, and mobile- and wireless-technology weaknesses that could be discovered during a penetration test. The repository is intended to help assessors provide reports to organizations using standardized language and standardized names for findings, and to save assessors time on report generation by having descriptions, standard remediations, and other resources available in the repository for their use. The repository is available at https://github.com/cisagov/pen-testing-findings…
S
Software Engineering Institute (SEI) Podcast Series
1 Understanding Vulnerabilities in the Rust Programming Language 36:45
36:45 Afspil senere Afspil senere Lister Like Liked36:45
Afspil senere Afspil senere Lister Like LikedWhile the memory safety and security features of the Rust programming language can be effective in many situations, Rust’s compiler is very particular on what constitutes good software design practices. Whenever design assumptions disagree with real-world data and assumptions, there is the possibility of security vulnerabilities–and malicious software that can take advantage of those vulnerabilities. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Svoboda and Garret Wassermann, researchers with the SEI's CERT Division, explore tools for understanding vulnerabilities in Rust whether the original source code is available or not. These tools are important for understanding malicious software where source code is often unavailable, as well as commenting on possible directions in which tools and automated code analysis can improve.…
S
Software Engineering Institute (SEI) Podcast Series
1 We Live in Software: Engineering Societal-Scale Systems 39:31
39:31 Afspil senere Afspil senere Lister Like Liked39:31
Afspil senere Afspil senere Lister Like LikedSocietal-scale software systems, such as today’s commercial social media platforms, are among the most widely used software systems in the world, with some platforms reporting billions of daily active users. These systems have created new mechanisms for global communication and connect people with unprecedented speed. Despite the numerous benefits of societal-scale systems, these systems are designed to optimize user engagement and scale by using psychology (such as gaming and reward mechanisms) to influence users. Individual users struggle with privacy of their data and bias in these systems, while governments face new threats of misinformation. In this podcast from the Carnegie Mellon University Software Engineering Institute, John Robert and Forrest Shull discuss issues that must be considered when engineering societal-scale systems.…
S
Software Engineering Institute (SEI) Podcast Series
In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI) Gregory J. Touhill, director of the SEI CERT Division, talks with Suzanne Miller about secure by design, secure by default, a longstanding tenet of the work of the SEI and CERT in particular. The SEI has been in the forefront of secure software development, promoting an approach where security weaknesses are addressed, prevented, or eliminated earlier in the software development lifecycle, which not only helps to ensure secure systems, but also saves time and money. Touhill also discusses the CERT strategy in support of SEI sponsors in the U.S. Department of Defense (DoD), the Department of Homeland Security (DHS), and the Cybersecurity Infrastructure Security Agency (CISA) and his vision for the future of cybersecurity and the role of the CERT Division.…
S
Software Engineering Institute (SEI) Podcast Series
1 Key Steps to Integrate Secure by Design into Acquisition and Development 48:50
48:50 Afspil senere Afspil senere Lister Like Liked48:50
Afspil senere Afspil senere Lister Like LikedSecure by design means performing more security and assurance activities earlier in the product and system lifecycles. A secure-by-design mindset addresses the security of systems during the requirements, design, and development phases of lifecycles rather than waiting until the system is ready for implementation. The need for a secure-by-design mindset is exacerbated by the amount of interconnectedness of today’s systems and the increasing amount of automation that characterizes system development. These trends have led to increased levels of risk and made implementation of security controls during test and patching systems after deployment increasingly unsustainable. In this podcast from the Carnegie Mellon University Software Engineering Institute, Robert Schiela, technical manager of the Secure Coding group, and Carol Woody, a principal researcher in the SEI’s CERT Division, talk with Suzanne Miller about the importance of integrating the practices and mindset of secure by design into the acquisition and development of software-reliant systems.…
S
Software Engineering Institute (SEI) Podcast Series
1 An Exploration of Enterprise Technical Debt 25:56
25:56 Afspil senere Afspil senere Lister Like Liked25:56
Afspil senere Afspil senere Lister Like LikedLike all technical debt, enterprise technical debt consists of choices expedient in the short term, but often problematic over the long term. In enterprise technical debt, the impact reaches beyond the scope of a single system or project. Because ignoring enterprise technical debt can have significant consequences, software and systems architects should be alert for it, and they should not let it get overlooked or ignored when they come across it. Enterprise technical debt often results in multi-project or organization-wide risks that increase the organization’s cost, efficiency, or security risks. Remediation of enterprise technical debt requires intervention by governance structures whose scope is broader than that of individual teams or projects. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Stephany Bellomo, a principal engineer in the SEI’s Software Solutions Division, talks with principal researcher Suzanne Miller about identifying and remediating enterprise technical debt.…
S
Software Engineering Institute (SEI) Podcast Series
1 The Messy Middle of Large Language Models 33:46
33:46 Afspil senere Afspil senere Lister Like Liked33:46
Afspil senere Afspil senere Lister Like LikedThe recent growth of applications that leverage large language models, including ChatGPT and Copilot, has spurred reactions ranging from fear and uncertainty to adoration and lofty expectations. In this podcast from the Carnegie Mellon University Software Engineering Institute, Jay Palat, senior engineer and technical director of AI for mission, and Dr. Rachel Dzombak, senior advisor to the director of the SEI’s AI Division, discuss the current landscape of large language models (LLMs), common misconceptions about LLMs, how to leverage tools built on top of LLMs, and the need for critical thinking around both the outputs of the tools and the trends in their use.…
S
Software Engineering Institute (SEI) Podcast Series
1 An Infrastructure-Focused Framework for Adopting DevSecOps 43:35
43:35 Afspil senere Afspil senere Lister Like Liked43:35
Afspil senere Afspil senere Lister Like LikedDevSecOps practices, including continuous-integration/continuous-delivery (CI/CD) pipelines, enable organizations to respond to security and reliability events quickly and efficiently and to produce resilient and secure software on a predictable schedule and budget. Despite growing evidence and recognition of the efficacy and value of these practices, the initial implementation and ongoing improvement of the methodology can be challenging. In this podcast from the Carnegie Mellon University Software Engineering Institute, senior engineers Vanessa Jackson and Lyndsi Hughes discuss with principal researcher Suzanne Miller the DevSecOps adoption framework, which guides organizations in the planning and implementation of a roadmap to functional CI/CD pipeline capabilities.…
S
Software Engineering Institute (SEI) Podcast Series
Rust is growing in popularity. Its unique security model promises memory safety and concurrency safety, while providing the performance of C/C++. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Svoboda and Joe Sible, both engineers in the SEI’s CERT Division, talk with principal researcher Suzanne Miller about the Rust programming language and its security-related features. Svoboda and Sible discuss Rust’s compile-time safety guarantees, the kinds of vulnerabilities that Rust fixes and those that it does not, situations in which users would not want to use Rust, and where interested users can go to get more information about the Rust programming language.…
S
Software Engineering Institute (SEI) Podcast Series
1 Improving Interoperability in Coordinated Vulnerability Disclosure with Vultron 51:16
51:16 Afspil senere Afspil senere Lister Like Liked51:16
Afspil senere Afspil senere Lister Like LikedCoordinated vulnerability disclosure (CVD) begins when at least one individual becomes aware of a vulnerability, but it can’t proceed without the cooperation of many. Software supply chains, software libraries, and component vulnerabilities have evolved in complexity and have become as much a part of the CVD process as vulnerabilities in vendors’ proprietary code. Many CVD cases now require coordination across multiple vendors. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Allen Householder, a senior vulnerability and incident researcher in the SEI’s CERT Division, talks with principal researcher Suzanne Miller about Vultron , a protocol for multi-party coordinated vulnerability disclosure (MPCVD).…
S
Software Engineering Institute (SEI) Podcast Series
1 Asking the Right Questions to Coordinate Security in the Supply Chain 31:11
31:11 Afspil senere Afspil senere Lister Like Liked31:11
Afspil senere Afspil senere Lister Like LikedIn this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Dr. Carol Woody, a principal researcher in the SEI's CERT Division, talks with Suzanne Miller about the SEI’s newly released Acquisition Security Framework, which helps programs coordinate the management of engineering and supply-chain risks across system components including hardware, network interfaces, software interfaces, and mission capabilities.…
S
Software Engineering Institute (SEI) Podcast Series
1 Securing Open Source Software in the DoD 35:33
35:33 Afspil senere Afspil senere Lister Like Liked35:33
Afspil senere Afspil senere Lister Like LikedIn this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Scott Hissam, a researcher within the SEI’s Software Solutions Division who works on software assurance in Department of Defense (DoD) systems, talks with Linda Parker Gates, initiative lead for the SEI’s Software Acquisition Pathways, about the use of free and open-source software (FOSS) in the DoD, building on insights that surfaced in a recent workshop held for producers and consumers of FOSS for DoD systems.…
Velkommen til Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Minder om Software Engineering Institute (SEI) Podcast Series
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
))
