Improving Data Extraction from Cybersecurity Incident Reports
As the number of cyber incidents affecting federal agencies grows, a team of CERT researchers helps federal agencies make better use of data in cybersecurity incident reports.
Cyber Investigator Certificate Program
The SEI's Larry Rogers presents this innovative SEI program designed for first responders and detectives.
Four Valuable Data Sources for Network Security Analytics
This Oct. 4 webinar will focus on the development and application of combined data analytics and will offer several examples of analytics that combine network flow records and other sources.
Cyber Risk Appetite
Defining your cyber risk appetite can give you value ranges for key performance indicators.
Reverse Engineering Malware Analysis Tool Released on Github
Static analysis tool automates common reverse engineering tasks.
CERT Guide to Coordinated Vulnerability Disclosure Released
The CERT Guide to Coordinated Vulnerability Disclosure is available as a free download from the CERT Division website.
Security Hardening the DevOps Way
Demand is growing for the art of security hardening. Aaron Volkmann tells how to execute a security hardening strategy with a DevOps mindset.
NEWS
-
CERT Division's Summer Fowler: Equifax data breach — here's what we can learn from it
Media Coverage - 09/13/2017
CERT Division at a Glance
We were there for the first internet security incident and we’re still here more than 25 years later. Only now, we’ve expanded our expertise from incident response to a comprehensive, proactive approach to securing networked systems. The CERT Division is part of the Software Engineering Institute, which is based at Carnegie Mellon University. We are the world’s leading trusted authority dedicated to improving the security and resilience of computer systems and networks and are a national asset in the field of cybersecurity.
Learn More About the CERT Division:
RECENT VULNERABILITIES
-
VU#973527: Dnsmasq contains multiple vulnerabilities.
Original Release date - 10/02/2017 -
VU#101048: Microsoft .NET framework SOAP Moniker PrintClientProxy remote code execution vulnerability
Original Release date - 09/13/2017 -
VU#240311: Multiple Bluetooth implementation vulnerabilities affect many devices
Original Release date - 09/12/2017 - Report a Vulnerability
PUBLICATIONS
- Four Valuable Data Sources for Network Security Analytics This webinar will focus on the development and application of combined data analytics and will offer several examples of analytics that combine domain resolution data, network device inventory and configuration data. Presentation - 10/04/2017
- R-EACTR: A Framework for Designing Realistic Cyber Warfare Exercises Introduces a design framework for cyber warfare exercises. It ensures that in designing team-based exercises, realism is factored into every aspect of the participant experience. Technical Report - 09/29/2017
- Defining a Progress Metric for CERT-RMM Improvement Describes the Cybersecurity Program Progress Metric and how its implementation in a large, diverse U.S. national organization can serve to indicate progress toward improving cybersecurity and resilience capabilities. Technical Note - 09/08/2017
EVENTS
Blogs
Define Your Organization's Risk Tolerance (Part 2 of 7: Mitigating Risks of Unsupported Operating Systems)
10/04/2017 - Katie C. Stewart
Introduction (Part 1 of 7: Mitigating Risks of Unsupported Operating Systems)
09/27/2017 - Katie C. StewartPodcasts
Best Practices: Network Border Protection
In this podcast, the latest in a series on best practices for network security, Rachel Kartch explores best practices for network border protection at the Internet router and firewall. Podcast - 09/21/2017
Verifying Software Assurance with IBM’s Watson
In this podcast, Mark Sherman discusses research aimed at examining whether developers could build an IBM Watson application to support an assurance review. Podcast - 09/07/2017

- Legal
- Terms of Use
- Privacy Statement
- Intellectual Property
Contact Us