CERT-SEI

Digital Intelligence and Investigation

Nancy Mead Receives Distinguished Education Award

This IEEE Computer Society TCSE award recognizes Nancy's outstanding and sustained contributions to software engineering education over the last 30 years.
Learn more about the award

Engage with Us

Help inform our research by sharing your ideas with us. Let us know if you need support from our team.
Explore how we can work together

Research

Our research yields approaches for protecting mobile devices from malware attacks, leveraging social media to discover malicious activity, and improving automated text extraction and video exploitation.
Learn more about our research

Our Mission: We conduct research and develop technologies, capabilities, and practices that organizations can use to develop incident response capabilities and facilitate forensics investigations.

Current tools and processes are inadequate for responding to increasingly sophisticated attackers and cybercrimes. The Digital Intelligence and Investigation Directorate (DIID) is addressing that problem by conducting research and developing technologies, capabilities, and practices that organizations can use to develop incident response capabilities and facilitate forensics investigations. DIID team members also develop advanced tools and techniques to address gaps that are not covered by existing resources.

We develop methods for analyzing your development lifecycle.

Our Complexity Modeling and Analysis research helps you analyze complexity and integration issues throughout the development lifecycle to ensure that development is proceeding as planned. We can also help you link security decisions to mission-critical needs.

Engage with Us

Help inform our research by sharing your ideas with us. Let us know if you need support from our team.

Engage with Us

Publications & Media

A New Approach to Cyber Incident Response
In this blog post, Anne Connell and Tim Palko describe a tool that their teams are developing to provide the various agencies and organizations that respond to cyber incidents a platform by which to share information and forge collaborations.  

Search for Boston Bombers Likely Relied on Eyes, Not Software
In this article, Todd Waits, a digital investigation and intelligence expert in the CERT Division, talks to Reuters about the potential use of facial-recognition technology in the investigation of the 2013 Boston Marathon bombing attack.

DIID Collaborates on Computer Crime Cases
As part of the TJX & Heartland case, DIID team members collaborated with the U.S. Secret Service to collect evidence and create forensic images of the computers involved in the theft of over 130 million credit and debit card numbers, making it the biggest computer crime case ever prosecuted in the United States. The DIID Team also assisted federal law enforcement in acquiring and decrypting data related to the Iceman case, which involved attacks on computers at financial institutions and credit card processing centers.