B1. How do I contact the CERT Program?
B2. How can I send encrypted information to the CERT Program?
B3. Will my sensitive information stay private after I give it to the CERT Program?
B4. Who can I contact about ways to work with the CERT Program? Are there any jobs available?
B5. Who can I contact about reproducing information from the CERT website?

C1. Can the CERT Program recommend other helpful sources of information about computer security?
C2. Does the CERT Program offer any training or workshops?

A. Introduction to the CERT Program

The CERT Program is an organization devoted to ensuring that appropriate technology and systems management practices are used to resist attacks on networked systems and to limit damage and ensure continuity of critical services in spite of successful attacks, accidents, or failures. For more detailed information about our work, see About Us.

We are part of the Software Engineering Institute (SEI), a federally funded research and development center (FFRDC) operated by Carnegie Mellon University.

A2. What is the difference between the CERT Program and the CERT Coordination Center (CERT/CC)?

The CERT/CC is one component of the larger CERT Program.

The CERT/CC, a major center for internet security problems, was established in November 1988, after the "Morris Worm" brought down much of the internet and demonstrated the growing network's susceptibility to attack. Shortly after that, the Defense Advanced Research Projects Agency (DARPA) charged the Software Engineering Institute (SEI) with both establishing a capability to quickly and effectively coordinate communication among experts during security emergencies in order to prevent future incidents and to build awareness of security issues across the internet community. CERT/CC staff members coordinate responses to security compromises, analyze product vulnerabilities, work with other security experts to identify solutions to security problems, and disseminate information to the broad community.

The growth and reliance on the internet, coupled with the increasing sophistication of intruder techniques, created a need for additional resources and capabilities. To address this need, the CERT/CC became part of the CERT Program. Other areas of work within the program include education and training, research and development, situational awareness, forensics, organizational security, and global relationships.

A3. Is CERT an acronym? What does it stand for?

CERT is not an acronym; it is a name and a registered service mark. ("CERT" and "CERT Coordination Center" are registered service marks of Carnegie Mellon University.) You should not define "CERT" as an acronym, but it is appropriate to note in your text that the CERT Coordination Center was the first computer security incident response team (CSIRT). When referring to incident response teams, use the general term CSIRT and not the registered mark CERT.

A4. What is the connection between the CERT Program and its CERT/CC and other groups with "CERT" in their name?

There is only one CERT Program and one CERT Coordination Center; there are no branches or alternate locations. We have authorized some computer security incident response teams to use "CERT" in their name; however, these teams are independent of us. Many of these CSIRTs (see Question A3) are members of the Forum of Incident Response and Security Teams (FIRST), of which the CERT/CC is a founding member.

A5. Who funds the CERT Program?

Our work is funded primarily by the U.S. Department of Defense and the Department of Homeland Security, along with a number of other federal civil agencies and the private sector. As a program within the Software Engineering Institute, we receive some funds from the primary sponsor of the SEI, the Office of the Under Secretary of Defense for Acquisition and Technology.

A6. How is the CERT Program related to Carnegie Mellon University? the Software Engineering Institute?

Carnegie Mellon operates the Software Engineering Institute. In 1985, the university won a competitive bid to establish the institute at the university with funding from the Department of Defense.

The CERT/CC was established at the SEI in 1988 and has grown to be one of its largest and most recognized programs. It continues to administered by the SEI as part of a technical program of work that also includes research into state-of-the-art methods to utilize software architecture and products lines, improve individual and organizational processes, and support government acquisition efforts.

A7. How is the CERT Program connected to the Department of Homeland Security and US-CERT?

In September 2003, the Department of Homeland Security announced the creation of US-CERT, a joint effort with the CERT Coordination Center. US-CERT draws on CERT/CC capabilities to help prevent cyber attacks, protect systems, and respond to the effects of cyber attacks across the internet.

To top of page

B. Communicating with the CERT Program

Our contact information is available on our website contact page. Warning: When sending sensitive information by email, please use encryption.

The media should contact the public relations coordinator, at +1 412 268-4793 or public-relations@sei.cmu.edu.

B2. How can I send encrypted information to the CERT Program?

You can protect sensitive information by encrypting your email or contacting the CERT hotline, at +1 412 268-7090, to discuss other methods of protecting the information you send us (secure fax, secure phones, and other ways).

B3. Will my sensitive information stay private after I give it to the CERT Program?

We will keep any information specific to your site confidential unless you give us permission to release that information. We distribute only composite, sanitized information in our publications.

B4. Who can I contact about ways to work with the CERT Program? Are there any jobs available?

Information about job openings is on the Employment Opportunities page.

B5. Who can I contact about reproducing information from the CERT website?

Information about copyright and terms of use is available on our legal page.

To top of page

C. Getting Security Information from the CERT Program

C1. Can the CERT Program recommend other helpful sources of information about computer security?

As part of a federally funded research and development center (FFRDC), the CERT Program cannot endorse products or organizations. However, many of the articles, reports, papers, and podcasts created by our staff, available on the CERT website, contain helpful information and references.

New information is constantly being made available online. We urge you conduct online searches for security-related topics.

C2. Does the CERT Program offer any training or workshops?

(a) Training

With the Software Engineering Institute (SEI), we offer courses for managers and technical personnel in areas such as creating and managing computer security incident response teams (CSIRTs), responding to and analyzing security incidents, and improving network security.

(b) Workshops

We are also involved in various workshops, including the following:

• FIRST (Forum of Incident Response and Security Teams) Conference
  Each year, our staff members participate in the annual FIRST conference.

• FloCon Workshop
  Our Network Situational Awareness group hosts FloCon, an open workshop that provides a forum for researchers, operational analysts, and others who are interested in analyzing, from a security standpoint, large volumes of network traffic.

• Annual Meeting for CSIRTs with National Responsibility
  The CERT Coordination Center hosts an annual meeting for CSIRTs with National Responsibility to promote relationship building and collaboration.

(c) Presentations

Throughout the year, members of our staff present at various technical conferences, seminars, and regional networks. Periodically, special arrangements can be made to tailor presentations to fit the requirements of the specific site. For further information about presentations, please contact the CERT Program. Some of our presentations are available on our website.

To top of page