Insider Threat Control: Using Universal Serial Bus (USB) Device Auditing to Detect Possible Data Exfiltration by Malicious Insiders

This report presents methods to audit USB device use within a Microsoft Windows environment.

DoD Information Assurance and Agile: Challenges and Recommendations Gathered Through Interviews with Agile Program Managers and DoD Accreditation Reviewers

This paper discusses the natural tension between rapid fielding and response to change (characterized as agility) and DoD information assurance policy. Data for the paper was gathered through interviews with...

Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector

This report describes a new insider threat study in which researchers extracted technical and behavioral patterns from fraud cases and developed insights and risk indicators of malicious insider activity within...

Spotlight On: Malicious Insiders and Organized Crime Activity

This report defines malicious insiders and organized crime and provides a snapshot of who malicious insiders are, what and how they strike, and why.

Best Practices for Artifact Versioning in Service-Oriented Systems

This report describes some of the challenges of software versioning in an SOA environment and provides guidance on how to meet these challenges by following industry guidelines and recommended practices.