B1. How do I contact CERT?
B2. How can I send encrypted information to the CERT/CC?
B3. Will my sensitive information stay private after I give it to the CERT/CC?
B4. Who can I contact about ways to work with CERT? Does CERT have any jobs available?
B5. Who can I contact about reproducing information from the CERT site?

C1. Does CERT produce any statistics? What information is available?
C2. Can CERT recommend other helpful sources of information about computer security?
C3. Does CERT offer any training or workshops?

A. Introduction to CERT

CERT is an organization devoted to ensuring that appropriate technology and systems management practices are used to resist attacks on networked systems and to limiting damage and ensure continuity of critical services in spite of successful attacks, accidents, or failures. For more detailed information about our work, see Meet CERT.

We are located at the Software Engineering Institute (SEI), a federally funded research and development center (FFRDC) operated by Carnegie Mellon University.

A2. What is the difference between CERT and the CERT Coordination Center (CERT/CC)?

The CERT/CC is one component of the larger CERT Program.

The CERT/CC, a major center for Internet security problems, was established in November 1988, after the "Morris Worm" brought down much of the Internet and demonstrated the growing network's susceptibility to attack. Shortly after that, the Defense Advanced Research Projects Agency (DARPA) charged the Software Engineering Institute (SEI) with both establishing a capability to quickly and effectively coordinate communication among experts during security emergencies in order to prevent future incidents and building awareness of security issues across the Internet community. CERT/CC staff members provide technical advice and coordinate responses to security compromises, identify trends in intruder activity, analyze product vulnerabilities, work with other security experts to identify solutions to security problems and ways to prevent the problems in the future, and disseminate information to the broad community.

The growth and reliance on the Internet, coupled with the increasing sophistication of intruder techniques, created a need for additional resources and capabilities. To address this need, the CERT/CC became part of the CERT Program. Other areas of work within the program include education and training, research and development, situational awareness, and global relationships.

A3. Is CERT an acronym? What does it stand for?

CERT is not an acronym. It is a name and a registered service mark. ("CERT" and "CERT Coordination Center" are registered with the U.S. Patent and Trademark office as service marks of Carnegie Mellon University.) You should not define "CERT" as an acronym; but it is appropriate to note in your text that the CERT/CC was the first computer security incident response team.

A4. What is the connection between the CERT and other groups with "CERT" in their name?

There is only one CERT Program and one CERT Coordination Center; there are no branches or alternate locations. Computer security incident response teams with "CERT" in their name are independent of us, though we might at times coordinate with them on computer security issues . Many of the teams are members of the Forum of Incident Response and Security Teams (FIRST), of which the CERT/CC is a founding member. Our relationship with US-CERT is more fully explained in a separate FAQ.

A5. Who funds CERT?

Our work is funded primarily by the U.S. Department of Defense and the Department of Homeland Security, along with a number of other federal civil agencies. Other funding comes from the private sector. As part of the Software Engineering Institute, we receive some funds from the primary sponsor of the SEI, the Office of the Under Secretary of Defense for Acquisition and Technology.

A6. How is CERT related to Carnegie Mellon University? the Software Engineering Institute?

Carnegie Mellon operates the Software Engineering Institute. In 1985, the university won a competitive bid to establish the institute at the university with funding from the Department of Defense. CERT is housed at the Software Engineering Institute.

A7. How is CERT connected to the Department of Homeland Security and US-CERT?

In September 2003, the Department of Homeland Security announced the creation of US-CERT, a joint effort with the CERT Coordination Center. US-CERT draws on CERT/CC capabilities to help prevent cyber attacks, protect systems, and respond to the effects of cyber attacks across the Internet. You can read more questions and answers about this partnership.

To top of page

B. Communicating with CERT

Full contact information is available on our contact page. Warning: When sending sensitive information by email, please use encryption.

The media should contact the public relations coordinator, at +1 412 268-4793 or public-relations@sei.cmu.edu.

B2. How can I send encrypted information to the CERT/CC?

You can protect sensitive information by encrypting your email with PGP or DES. We also have a secure telephone and secure fax (both at the secret level).

B3. Will my sensitive information stay private after I give it to the CERT/CC?

We will keep any information specific to your site confidential unless you give us permission to release that information. We distribute only composite, sanitized information in our publications.

B4. Who can I contact about ways to work with CERT? Does CERT have any jobs available?

Information about job openings is on the Employment Opportunities page. For information about other ways to collaborate with us, see the Collaboration Opportunities page on the SEI web site.

B5. Who can I contact about reproducing information from the CERT site?

Information about copyright and terms of use is available on our legal page.

To top of page

C. Getting Security Information from CERT

We produce statistics about the number of vulnerabilities reported to us each year, along with other data about our activities. These statistics are updated quarterly.

C2. Can CERT recommend other helpful sources of information about computer security?

As part of a federally funded research and development center (FFRDC), CERT cannot endorse any products or organizations. However, we maintain lists of other resources of network security information. Many of the articles, reports, and papers written by our staff are also available on the CERT web site.

New information is constantly being made available online. We urge you conduct online searches for security-related topics.

C3. Does CERT offer any training or workshops?

(a) Training

With the Software Engineering Institute (SEI), we offer courses for managers and technical personnel in areas such as creating and managing computer security incident response teams (CSIRTs), responding to and analyzing security incidents, and improving network security.

(b) Workshops

We are also involved in various workshops, including the following:

• FIRST Workshop on Incident Handling
  Each year, our staff members participate in the annual FIRST (Forum of Incident Response and Security Teams) Workshop on Incident Handling. For further information about FIRST and the FIRST Workshop on Incident Handling, please contact us or see the FIRST web site.

• FloCon Workshop
  Our Network Situational Awareness group hosts FloCon Workshops as a forum for researchers, operational analysts, and others who are interested in analyzing, from a security standpoint, large volumes of network traffic. For more information about FloCon and to view workshop proceedings, see the FloCon web pages.

• Information Survivability Workshop
  With the IEEE Computer Society, we have held Information Survivability Workshops, events devoted to fostering collaboration and cooperation between domain experts and the survivability research community to improve the survivability of critical, real-world systems, and to identify new research ideas that can contribute to the protection of critical infrastructures and critical applications.

• National CSIRTs Workshop
  The CERT Coordination Center hosts an annual workshop for CSIRTs with National Responsibilities. For more information about National CSIRTs, see the Resource for National CSIRTs pages.

(c) Presentations

Throughout the year, members of our staff give presentations at various technical conferences, seminars, and regional networks. Periodically, special arrangements can be made to tailor presentations to fit the requirements of the specific site. For further information regarding presentations, please contact CERT. Some of our presentations are available online.

To top of page