search menu icon-carat-right cmu-wordmark

Publications

The SEI provides access to more than 5,000 documents from three decades of research on best practices in software engineering. These documents include technical reports, presentations, webinars, podcasts, blogs, and other searchable materials. You can search our database to find publications that span the SEI's history as well as current research.

SEI Digital Library

Our digital library holds over 30 years of publications that you can browse by topic, author, and publication type.

Browse Digital Library

New in Publications

Cloud Security Best Practices Derived from Mission Thread Analysis

Cloud Security Best Practices Derived from Mission Thread Analysis

July 16, 2019 • Technical Report
Timothy MorrowVincent LaPianaDonald Faatz

Presents practices for secure, effective use of cloud computing and risk reduction in transitioning applications and data to the cloud. Considers needs of limited-resource businesses.

read
Assessing Cybersecurity Training

Assessing Cybersecurity Training

July 11, 2019 • Podcast
April Galyardt

April Galyardt, a machine learning research scientist, discusses efforts to develop a new approach to assessing the skills of the cybersecurity workforce.

learn more
Overview of Risks, Threat, and Vulnerabilities Faced in Moving to the Cloud

Overview of Risks, Threat, and Vulnerabilities Faced in Moving to the Cloud

July 11, 2019 • Technical Report
Timothy MorrowKelwyn PenderCarrie Lee (U.S. Department of Veteran Affairs)

This report examines the changes to risks, threats, and vulnerabilities when applications are deployed to cloud services.

read
Efficient NetFlow Partitioning via Minimum Cuts

Efficient NetFlow Partitioning via Minimum Cuts

July 01, 2019 • Video
Ritwik Gupta

Ritwik Gupta and Anusha Sinha discuss SEI work on NetFlow that aims to distinguish human-generated flows from machine-generated flows to identify human actors on networks and potential network threats more easily.

watch
DevOps in Highly Regulated Environments

DevOps in Highly Regulated Environments

June 27, 2019 • Podcast
Hasan YasarJose A. Morales

Hasan Yasar and Jose Morales discuss the process, challenges, approaches, and lessons learned in implementing DevOps in the software development lifecycle in highly regulated environments.

learn more
Automatically Detecting Technical Debt Discussions

Automatically Detecting Technical Debt Discussions

June 24, 2019 • White Paper
Ipek OzkayaZachary KurtzRobert Nord

This study introduces (1) a dataset of expert labels of technical debt in developer comments and (2) a classifier trained on those labels.

read