CERT® Coordination Center (CERT/CC)
The CERT Coordination Center (CERT/CC), arguably the most widely known
group within the CERT Program, addresses risks at the software and
system level. Although it was established as an incident response
team, the CERT/CC has evolved beyond that, focusing instead on
identifying and addressing existing and potential threats, notifying
system administrators and other technical personnel of these threats,
and coordinating with vendors and incident response teams world wide
to address the threats.
We strive to address both the number of vulnerabilities in software
that is being developed and the number of vulnerabilities in software
that is already deployed. Our vulnerability
work is divided into two areas: vulnerability discovery
and vulnerability remediation.
In addition to identifying current vulnerabilities, we want to prevent
the introduction of new ones. We are establishing practices that
vendors can use to improve the security and quality of their software.
Internet threats are not confined to geographic borders. To promote a
global response capability, we help organizations and countries
establish computer security incident response teams (CSIRTs), and we
work with existing teams to coordinate communication and response
during major security events.
Our artifact analysts examine, catalog, and sometimes reverse-engineer
malicious code. These activities help us to better understand how the
code works and allow us to identify trends and patterns that may
reveal exploitable vulnerabilities or other potential threats.