Software Engineering Institute (SEI) Podcast Series-logo

Software Engineering Institute (SEI) Podcast Series

Technology Podcasts >

The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.

The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.
More Information


United States


The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.




Assessing Cybersecurity Training

Simulation environments allow people to practice skills such as setting up and defending networks. If we can record informative traces of activity in these online environments and draw accurate inferences about trainee capabilities, then we can provide evidence-based guidance on performance, assess mission readiness, optimize training schedules, and refine training modules. April Galyardt, a machine learning research scientist with Carnegie Mellon University's Software Engineering Institute,...


DevOps in Highly Regulated Environments

Highly regulated environments (HREs), such as finance and healthcare, are mandated by policies for various reasons, most often general security and protection of intellectual property. These policies make the sharing and open access principles of DevOps that much harder to apply. In this podcast, SEI researchers Hasan Yasar and Jose Morales discuss the process, challenges, approaches, and lessons learned in implementing DevOps in the software development lifecycle in HREs.


Women in Software and Cybersecurity: Dr. Ipek Ozkaya

After earning a degree in architecture, Dr. Ipek Ozkaya studied computational design at Carnegie Mellon University. Now at the Software Engineering Institute, Ozkaya researches better ways for designing software and helping organizations manage technical debt in large-scale, complex software-intensive systems. In this podcast, the latest in our Women in Software and Cybersecurity podcast series, Ozkaya talks about the educational choices and career path that led to her current work.


The Role of the Software Factory in Acquisition and Sustainment

Dr. Paul Nielsen discusses his involvement on a Defense Science Board Task Force that concluded that the software factory should be a key player in the acquisition and sustainment of software for defense. “This is one case where the military or the government can learn from industry, sort of a spin-in to the government. The government has traditionally followed other approaches that were very requirements-based. They have perfected requirements engineering. What we have found is that in...


Defending Your Organization Against Business Email Compromise

Operation Wire Wire, a coordinated law enforcement effort by the U.S. Department of Justice, U.S. Department of Homeland Security, U.S. Department of the Treasury, and the U.S. Postal Inspection Service, was conducted over a six-month period and resulted in 74 arrests in the United States and overseas, including 29 in Nigeria and 3 in Canada, Mauritius, and Poland. The operation also resulted in the seizure of nearly $2.4 million and the disruption and recovery of approximately $14 million...


My Story in Computing with Dr. Eliezer Kanal

Those who work in computing today bring a wide array of backgrounds and experiences to the profession. In this podcast, the first in a series, Dr. Eliezer Kanal—a former premed student, computational neuroscientist, health-care technical manager, financial quantitative analyst, freelance web developer, and IT consultant—discusses his background and education, all of which led to his current work leading a team of data scientists in the SEI’s CERT Division.


Women in Software and Cybersecurity: Eileen Wrubel

In this SEI Podcast, which highlights the work of Women in Software and Cybersecurity, Eileen Wrubel, co-lead of the SEI’s Agile/DevOps Transformation directorate, discusses her career journey.


Managing Technical Debt: A Focus on Automation, Design, and Architecture

Technical debt communicates the tradeoff between the short-term benefits of rapid delivery and the long-term value of developing a software system that is easy to evolve, modify, repair, and sustain. In this SEI Podcast, Rod Nord and Ipek Ozkaya discuss the SEI's current work in technical debt including the development of analysis techniques to help software engineers and decision makers manage the effect of technical debt on their software projects.


Women in Software and Cybersecurity: Grace Lewis

In her work at the SEI, Grace Lewis focuses on securely pushing cloud resources to the edge and integrating IoT devices into systems. Lewis’s research helps soldiers in the field access cloud resources even if they are not fully connected to the cloud. It also enables IoT devices to securely integrate with edge resources to pre-process data on its way to the cloud. In this SEI Podcast, Lewis discusses her career journey, which led to her leading Tactical Edge Computing at the SEI. This...


Women in Software and Cybersecurity: Bobbie Stempfley

In this SEI Podcast interview, Roberta (Bobbie) Stempfley discusses her career and journey to becoming the director of the SEI’s CERT Division. This podcast is one of the inaugural interviews in our Women in Software and Cybersecurity podcast series.


Women in Software and Cybersecurity: Dr. Lorrie Cranor

In this SEI Podcast, Dr. Lorrie Cranor, director of CyLab, discusses her career, her work in privacy and security, and her upcoming keynote at the 2019 Women in Cybersecurity Conference, March 28-30 in Pittsburgh. This podcast is one of the inaugural interviews in our Women in Software and Cybersecurity podcast series.


Applying Best Practices in Network Traffic Analysis

In today's operational climate, threats and attacks against network infrastructures have become far too common. Researchers in the SEI’s CERT Division work with organizations and large enterprises, many of whom analyze their network traffic data for ongoing status, attacks, or potential attacks. Through this work we have observed both challenges and best practices as these network traffic analysts analyze incoming contacts to the network, including packets traces or flows. In this SEI...


Leading in the Age of Artificial Intelligence

Tom Longstaff, who in 2018 was hired as the SEI’s chief technology officer, discusses the challenges of leading a technical organization in the age of artificial intelligence.


10 Types of Application Security Testing Tools and How to Use Them

Bugs and weaknesses in software are common: 84 percent of system breaches exploit vulnerabilities at the application layer. The prevalence of software-related problems is a key motivation for using application security testing tools. With a growing number of application security testing tools available, it can be confusing for leaders, developers, and engineers to know which tools address which issues. In this podcast, Thomas Scanlon, a researcher in the SEI’s CERT Division, discusses the...


Using Test Suites for Static Analysis Alert Classifiers

Static analysis tools used to identify potential vulnerabilities in source code produce a large number of alerts with high false-positive rates that engineers must painstakingly examine to find legitimate flaws. Researchers in the SEI’s CERT Division have developed the SCALe (Source Code Analysis Laboratory) tool to help analysts be more efficient and effective at auditing static analysis alerts. In this podcast, CERT researchers Lori Flynn and Zach Kurtz discuss ongoing research using test...


Blockchain at CMU and Beyond

Beyond its financial hype, researchers are exploring and understanding the promise of Blockchain technologies. In this SEI Podcast, Eliezer Kanal and Eugene Leventhal discuss blockchain research at Carnegie Mellon University and beyond.


Deep Learning in Depth: The Future of Deep Learning

Ritwik Gupta and Carson Sestili discuss the future of deep learning. “Here is amazing research being done all over the world on how we make what is called explainable AI. How do we explain what the deep learning is trying to do? This is a problem across all fields.”


Deep Learning in Depth: Adversarial Machine Learning

Ritwik Gupta of the SEI’s Emerging Technology Center and Carson Sestili, formerly of the SEI’s CERT Division and now with Google, discuss adversarial machine learning.


System Architecture Virtual Integration: ROI on Early Discovery of Defects

Peter Feiler discusses the cost savings (26.1 percent) realized when using the System Architecture Virtual Integration approach on the development of software-reliant systems for aircraft. “If you discover [software defects] at system integration test, the cost of fixing a problem is 300 to 1,000 times higher than doing it upfront. So if upfront, you spent $10,000 fixing it, it’s between $3 and $10 million on the backend that you are saving by the way.”


Deep Learning in Depth: The Importance of Diverse Perspectives

Ritwik Gupta of the SEI’s Emerging Technology Center and Carson Sestili, formerly of the SEI’s CERT Division and now with Google, discuss the importance of diverse perspectives in deep learning. “If you feel like I am an OK programmer, but I am a good deep thinker and a good mathematician, that is actually one of the corners of what it takes to be a successful data scientist. Again, in regard to our previous conversation, you cannot get away with only knowing math. But if you do know math,...