CERT staff members research, analyze, and develop technology and training aimed at helping administrators secure their systems and networks. Building on its long history of vulnerability research, the CERT Program is involved with vulnerability analysis, an effort divided into two areas: vulnerability discovery and vulnerability remediation. Our research in survivable systems engineering advances knowledge in fields such as information assurance for systems of systems, computational engineering for software and systems assurance, and security requirements engineering. Our work in network situational awareness produces engineering solutions and research approaches for analyzing broad network activity, including open-source tools such as SiLK and AirCERT. CERT staff members also conduct training and certification courses for systems and network administrators in areas such as information security, incident handling, and forensics.