CERT Mission: Anticipating and Solving the Nation’s Cybersecurity Challenges

CERT Division at a Glance

We were there for the first internet security incident and we’re still here 25 years later. Only now, we’ve expanded our expertise from incident response to a comprehensive, proactive approach to securing networked systems. The CERT Division is part of the Software Engineering Institute, which is based at Carnegie Mellon University. We are the world’s leading trusted authority dedicated to improving the security and resilience of computer systems and networks and are a national asset in the field of cybersecurity.

PUBLICATIONS

  • Unleashing Your Inner Code Warrior
    This keynote presentation was given at the 2016 Secure Coding Symposium, where attendees discussed challenges in secure coding and software assurance.
    Presentation - 09/15/2016

  • Striving for Effective Cyber Workforce Development
    This paper reviews the issue of cyber awareness, identifies efforts to combat this deficiency, and concludes with strategies moving forward.
    White Paper - 09/12/2016

  • Common Exploits and How to Prevent Them
    This presentation was given at the 2016 Secure Coding Symposium, where attendees discussed challenges in secure coding and software assurance.
    Presentation - 09/08/2016

EVENTS

  • How to Reduce the Graveyard of Software Tools with UI/UX Capability
    For different reasons, usability is generally an afterthought in the cybersecurity tool development process. In this webinar, we teach the audience the value of defining the problem and how this impacts the software quality outcomes.
    Webinar - 09/28/2016

  • Automated Decision-Making for Cyber Defense Operations
    At this free event, attendees will discuss the state of theory and practice for creating systems that can automatically identify, categorize, and respond to cyber attacks.
    Conferences - 10/27/2016

  • FloCon 2017
    The FloCon network security conference provides a forum for large-scale network flow analytics.
    Conferences - 01/09/2017

Podcasts

Establishing Trust in the Wireless Emergency Alerts Service

Global Value Chain – An Expanded View of the ICT Supply Chain

In this podcast, Edna Conway and John Haller discuss the global value chain for organizations and critical infrastructures and how this expanded view can be used to improve ICT supply chain management, including risks to the supply chain. Podcast - 07/18/2016

Intelligence Preparation for Operational Resilience

In this podcast, Douglas Gray, a member of the CERT Cyber Risk Management team, discusses how to operationalize intelligence products to build operational resilience of organizational assets and services using IPOR. Podcast - 06/21/2016

Build Security In Maturity Model (BSIMM) – Practices from Seventy Eight Organizations

In this podcast, Gary McGraw, the Chief Technology Officer for Cigital, discusses the latest version of BSIMM and how to take advantage of observed practices from high-performing organizations. Podcast - 02/03/2016