Using Defined Processes as a Context for Resilience Measures

This technical note, which builds on two previous reports, describes how implementation-level processes can provide the necessary context for identifying and defining measures of operational resilience.

An Acquisition Perspective on Product Evaluation

This technical note focuses on software acquisition and development practices related to the evaluation of products before, during, and after implementation. From engagements with numerous DoD acquisition programs, it has...

The CERT Oracle Secure Coding Standard for Java

This book is the first comprehensive compilation of code-level requirements for building secure systems in JAVA. Organized by CERT’s software security experts, it covers every facet of secure software coding...

Keeping Your Family Safe in a Highly Connected World

Because of the anonymity provided by networked devices, our families are more likely to be attacked, be victims of theft, be subjected to inappropriate people or materials, or become involved unknowingly in...

A Workshop on Analysis and Evaluation of Enterprise Architectures

This report summarizes a workshop on the analysis and evaluation of enterprise architectures that was held at the SEI in April of 2010.