CERT

Search Publications

Displaying 5 most recent documents in Papers, Presentations, and Media.
Use the filters above to narrow your search.

Papers

Software Assurance Curriculum Project Volume IV: Community College Education	2011-09-27	Mead, Nancy R. Hawthorne, Elizabeth K. Ardis, Mark	The fourth volume in the Software Assurance Curriculum Project focuses on community college courses for software assurance. The courses are intended to provide students with fundamental ...	Paper

2010 CERT Research Report	2011-09-23		The CERT Program is internally known for developing practices and technologies to protect, detect, and respond to attacks, accidents, and failures on networked systems. This report ...	Paper

Measures for Managing Operational Resilience	2011-08-01	Julia H. Allen Pamela D. Curtis	In this report, REM team members suggest a set of top ten strategic measures for managing operational resilience. These measures derive from high-level objectives of the ORM system ...	Paper

Standards-Based Automated Remediation: A Remediation Manager Reference Implementation	2011-07-21	Sagar Chaki Rita Creel Jeff Davenport	This report describes the Software Engineering Institute's work in calendar year 2010 for the National Security Agency Computer Network Defense Research and Technology Program Management ...	Paper

A Preliminary Model of Insider Theft of Intellectual Property	2011-06-02	Moore, Andrew P. Cappelli Dawn M. Caron, Thomas C., et. al.	This technical note presents research findings on insider theft of intellectual property.	Paper

Presentations

Security Measurement and Analysis	2011-04-28	Alberts, Christopher Allen, Julia Stoddard, Robert	This presentation describes work being performed by the Software Engineering Institute as part of its Security Measurement and Analysis (SMA) project.	Presentation

Risk and Resilience: Considerations for Information Security Risk Assessment and Management	2011-02-22	Allen, Julia Cebula, James	Presented at RSA 2011, this presentation describes basic risk concepts, the CERT RMM, and discusses risk concepts as they relate to organizations.	Presentation

Goal-Based Assessment for the Cybersecurity of Critical Infrastructure	2010-12-03		A presentation describing role-based assessments using The CERT Resilience Management Model (CERT-RMM) as a reference.	Presentation

The Key to Successful Monitoring for Detection of Insider Attacks	2010-03-04	Cappelli, Dawn M. Trzeciak, Randall F. Floodeen, Robert	This presentation describes characteristics of various malicious insider activities and offers solution strategies.	Presentation

VRDA Prioritizing Vulnerability Response Efforts	2009-09-02	Manion, Art	Describes concepts for prioritizing vulnerability response efforts.	Presentation

Media

Integrated, Enterprise-Wide Risk Management: NIST 800-39 and CERT-RMM	2011-03-29	Ross, Ron Cebula, Jim Allen, Julia	Business leaders must address risk at the enterprise, business process, and system levels to effectively protect against today�s and tomorrow�s threats.	Media

Indicators and Controls for Mitigating Insider Threat	2011-01-25	Hanley, Michael	Technical controls may be effective in helping prevent, detect, and respond to insider crimes.	Media

How Resilient Is My Organization?	2010-12-09	Caralli, Rich White, David	Use the CERT Resilience Management Model (CERT-RMM) to help ensure that critical assets and services perform as expected in the face of stress and disruption.	Media

Public-Private Partnerships: Essential for National Cyber Security	2010-11-30	Merrell, Sam Haller, John Huff, Philip	Government agencies and private industry must build effective partnerships to secure national critical infrastructures.	Media

Software Assurance: A Master's Level Curriculum	2010-10-26	Mead, Nancy Hilburn, Thomas Linger, Richard	Podcast about the master's of software assurance curriculum.	Media