The SEI Podcast Series will highlight the work of SEI researchers with different backgrounds, expertise, and interests. Some episodes will summarize the goals and results of advanced research projects at the cutting edge of science and technology. Other episodes will highlight the work of SEI technologists with customer-facing roles on applied, transition- and acquisition-oriented topics.
Technical Debt as a Core Software Engineering Practice
As software developers deal with issues such as legacy modernization, agile adoption, and architecture, they need to be able to articulate the tradeoffs of design and business decisions. In this podcast, Ipek Ozkaya talks about managing technical debt as a core software engineering practice and its importance in the education of future software engineers.
DNS Best Practices
The Domain Name System (DNS) is an essential component of the Internet, a virtual phone book of names and numbers, but we rarely think about it until something goes wrong. DNS also serves as the backbone for other services critical to organizations including email, external web access, file sharing and voice over IP (VoIP). There are steps, however, that network administrators can take to ensure the security and resilience of their DNS infrastructure and avoid security pitfalls. In this podcast, Mark Langston discusses best practices for designing a secure, reliable DNS infrastructure.
Three Roles and Three Failure Patterns of Software Architects
As a software system moves through its lifecycle, each phase calls for the architect to use a different mix of skills. This podcast explores three roles and three failure patterns of software architects that he has observed working with industry and government software projects. This blog post by John Klein is read by Bill Thomas.
Security Modeling Tools
Recent research indicates that security is no longer only a matter of code and is tightly linked to software architecture. SEI researchers have created security-focused modeling tools that capture vulnerabilities and their propagation paths in an architecture. These security-focused modeling tools help security analysts and researchers improve system and software analysis. In this podcast, Julien Delange discusses the motivation for the work, the available tools, and how to use them.
Best Practices for Preventing and Responding to Distributed Denial of Service (DDoS) Attacks
In November 2016, Internet users across the Eastern Seaboard of the United States had trouble accessing popular websites, such as Reddit, Netflix, and the New York Times. Known as the Dyn attack, the disruption was the result of multiple distributed denial of service (DDoS) attacks against a single organization: Dyn, a New Hampshire-based Internet infrastructure company. DDoS attacks can be extremely disruptive, and they are on the rise. The Verisign Distributed Denial of Service Trends Report states that DDoS attack activity increased 85 percent in each of the last two years, with 32 percent of those attacks in the fourth quarter of 2015 targeting IT services, cloud computing, and software-as-a-service companies. In this podcast, CERT researcher Rachel Kartch provides an overview of DDoS attacks and best practices for mitigating and responding to them.