CERT-SEI

Take a Course

Assessing Information Security Risk Using the OCTAVE Approach
In this three-day course, participants learn to perform information security risk assessments using the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Allegro method.

OCTAVE Approach Instructor Training
This two-day course teaches candidate OCTAVE instructors how to deliver the Assessing Information Security Risks Using the OCTAVE Approach course.

Malware Analysis Apprenticeship - Advanced Forensic Response and Analysis
This five-day hands-on course provides participants with an opportunity to learn best practices for analyzing malicious code.

Applied Cybersecurity, Incident Response and Forensics
This five-day hands-on course is designed to increase the knowledge and skills of technical staff charged with administering and securing information systems and networks. Security topics such as vulnerability assessment, systems administration, network monitoring, incident response, and digital forensics will offer a comprehensive defense-in-depth experience.

Information Security for Technical Staff
This five-day course is designed to provide participants with practical techniques for protecting the security of an organization's information assets and resources, beginning with concepts and proceeding on to technical implementations. The course focuses on understanding and applying the concept of survivability through the effective management of risk, threats, policy, system configuration, availability, and personnel.

Managing Enterprise Information Security: A Practical Approach for Achieving Defense-in-Depth
This three-day course begins with a brief review of the conceptual foundations of information security. Next, students will be introduced to the CERT Defense-in-Depth Framework: eight operationally focused and inter-dependent management components which will be synergistically applied to a fictitious organization's Information Technology (IT) enterprise.

Use Our Tools

Monitor Your Networks

Our network situational awareness researchers develop cutting-edge analysis techniques and tools that help organizations defend their networks from potential attacks. Examples of our tools include SiLK, an efficient network flow collection and storage infrastructure that accepts flow data from a variety of sensors, and iSiLK, a graphical front-end for the SiLK tools. YAF processes packet data into bidirectional flow records that can be used as input into an IPFIX Collecting Process. Our fixbuf library provides a set of functions for processing the IPFIX protocol message format.

Discover and Mitigate Existing Vulnerabilities

Our vulnerability analysis and secure coding tools and techniques help engineers detect, eliminate, and avoid creating vulnerabilities in software.

Attend FloCon

At FloCon, an annual network security conference, operational network analysts, tool developers, researchers, and other parties interested in the analysis of large volumes of traffic showcase the next generation of flow-based analysis techniques. FloCon 2015 takes place in January 2015 in Portland, Oregon.

Plan Your Security Strategy

OCTAVE
Use these tools, techniques, and methods for risk-based information security strategic assessment and planning to assess your organization's information security needs.

Assessing Information Security Risk Using the OCTAVE Approach
This course teaches you to perform information security risk assessments using the OCTAVE approach, which provides organizations a comprehensive methodology that focuses on information assets in their operational contexts.

Managing Enterprise Information Security: A Practical Approach for Achieving Defense-in-Depth
This course teaches you high-level best practices for effectively integrating eight components into all aspects of IT operations. Further, the course scenario is used extensively to reinforce these best practices with technical information security implementations.

Manage Your Risks

CERT Operational Resilience: Manage, Protect and Sustain
This webinar showcases the application of resilience models to operationalize risk management and solve hard problems in enterprise security.

CERT-RMM
Apply a process improvement approach to manage operational risk and resilience, security, business continuity, and IT operations.

Practical Risk Management: Framework and Methods
This course teaches you the foundation for a more practical approach to risk management that builds from a straightforward, broad-view method to a complex array of techniques needed for in-depth analyses of complex risks.

Protect Your Data from Malicious Insiders

Custom Onsite Insider Threat Workshops
We tailor confidential onsite workshops to use actual malicious insider incidents that occurred in your organization.

Insider Threat Vulnerability Assessments
Our confidential assessments explore your entire organization, including technical vulnerabilities, business process gaps, management issues, and your ability to deal effectively with behavioral issues.

Insider Threat Best Practices
Use these practices to mitigate IP theft, IT sabotage, and fraud in your organization.

Insider Threat Datasets
This generated collection of synthetic insider threat test datasets provides both synthetic background data and data from synthetic malicious actors.

Report a Vulnerability

We accept reports of security vulnerabilities and serve as a coordinating body that works with affected vendors to resolve vulnerabilities. Report a vulnerability or contact us if you have questions about vulnerabilities.

Ask Us to Help You

  • Use our software vulnerability tools and secure coding tools to discover software vulnerabilities.
  • Identify the insider threat products and services that are right for your organization.
  • Get help in producing and implementing technical controls to deter, detect, and respond to insider threats in your organization.
  • Solve your critical network-related problems.
  • Reduce security risks that result from software vulnerabilities.

Attend a Conference

FloCon 2015, our annual network security conference, provides a rich and rewarding forum for operational analysts, tool developers, researchers, and anyone interested in the analysis of large volumes of traffic to showcase the next generation of flow-based analysis techniques. FloCon 2015 takes place in January 2015 in Portland, Oregon.

Provide Feedback

Tell us how CERT insider threat controls have worked for you.

Send us feedback on our tools to help you monitor large-scale networks using flow data, code securely, or discover and remediate vulnerabilities.