As software size, complexity, and interconnectedness has grown, software modernization within the Department of Defense (DoD) has become more important than ever. In this discussion moderated by Matthew Butkovic, technical director of risk and resilience in the SEI CERT Division, SEI director Paul Nielsen outlines the SEI’s work with the DoD on software modernization, including controlling the attack surface, incorporating industry practices such as DevSecOps, and the interplay between software, cybersecurity, and AI.

Containerization allows developers to run individual software applications in an isolated, controlled, repeatable way. With the increasing prevalence of cloud computing environments, containers are providing more and more of their underlying architecture. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Sasank Venkata Vishnubhatla and Maxwell Trdina, both engineers in the SEI CERT Division, sit down with Tim Chick, technical manager of the Applied Systems Group, to explore issues surrounding containerization, including recent vulnerabilities.

Software cost estimation is an important first step when beginning a project. It addresses important questions regarding budget, staffing, scheduling, and determining if the current environment will support the project. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Anandi Hira, a data scientist on the SEI’s Software Engineering Measurement and Analysis team sits down with Bill Nichols, principal engineer and SEI data science team lead, to discuss software cost estimation including various metrics, best practices, and common challenges when developing or building a model.