05/21/2015

CERT/CC Team wins U.S. Government Information Security Leadership Award

May 21, 2015—The Vulnerability Analysis Team of the Software Engineering Institute’s CERT Division has won a 2015 Government Information Security Leadership Award (GISLA) in the category of Most Valuable Industry Partner for its responsible coordinated disclosure strategy for software vulnerabilities. Award winners were named during a gala dinner on May 14 in Washington, D.C.

“[The CERT/CC team] pioneered efforts in vulnerability research automation for existing and emerging computing domains that have significantly strengthened the larger US-CERT mission of improving information security and providing value to industry partners,” according to the award presentation. “The team deployed the Tapioca automated vulnerability discovery tool and applied it to the … Google Play Store. Within a period of several days, over 20,000 vulnerabilities—or 15 percent of the total vulnerabilities identified in 2014—were discovered. These results are enabling this new community of developers and vendors of the platforms they utilize to adopt better security practices and bring increased utility to the expanding universe of mobile devices.”

For a complete list of 2015 winners or more information about the GISLA awards, please visit https://www.isc2.org/gisla/default.aspx.