This Software Assurance Competency Model helps create a foundation for assessing and advancing the capability of software assurance professionals.
This report describes the first CERT RMM Users Group (RUG) Workshop Series and relays the experiences of participating members and CERT staff.
This report presents an example of an enterprise architectural pattern, Increased Monitoring for Intellectual Property (IP) Theft by Departing Insiders, to help organizations plan, prepare, and implement a means to mitigate the risk of insider theft of IP.
This report details the CERT Program's Source Code Analysis Laboratory (SCALe), a proof-of-concept demonstration that software systems can be conformance tested against secure coding standards, and provides an analysis of selected software systems.
This technical report describes the Insider Threat Security Reference Architecture (ITSRA), an enterprise-wide solution to the threat to organizations from their own insiders. The ITSRA draws from existing best practices and standards as well as from analysis of real insider threat cases to provide actionable guidance for organizations to improve their posture against the insider threat.
This technical note maps CERT® Resilience Management Model (CERT®-RMM) process areas to certain National Institute of Standards and Technology (NIST) special publications in the 800 series.
This paper gives substance and explicit meaning to the terms trust and trustworthy as they relate to automated systems and to embedded systems in particular.
The SEI has developed the Mission Risk Diagnostic (MRD) to assess risk in interactively complex, socio-technical systems across the life cycle and supply chain.
This white paper describes an approach for deriving measures of software security from well-established and commonly used standard practices for information security.
This report presents the foundational concepts of a risk-based approach for software security measurement and analysis and provides an overview of the IMAF and the MRD.
The Insider Threat Center at CERT, which has been researching insider threats since 2001, has built an extensive library and comprehensive database containing more than 700 actual cases of insider cyber crimes. This presentation will describe findings from our analysis of three primary types of insider cyber crimes: IT sabotage, theft of information, and fraud. All CERT insider threat research focuses on both the technical and behavioral aspects of actual compromises.
This book describes CERT’s findings in practical terms, offering specific guidance and countermeasures that can be immediately applied by senior officials within any organization.
This report defines malicious insiders and organized crime and provides a snapshot of who malicious insiders are, what and how they strike, and why.
This technical note, which builds on two previous reports, describes how implementation-level processes can provide the necessary context for identifying and defining measures of operational resilience.
This technical note presents an insider threat pattern on how organizations can combat insider theft of intellectual property. The technical note describes how to use the centralized log storage and indexing engine Splunk to detect malicious insider behavior on a network.
The CERT Research Report highlights our accomplishments and activities in successfully executing our research strategy.
This book is the first comprehensive compilation of code-level requirements for building secure systems in Java. Organized by CERT’s software security experts, it covers every facet of secure software coding with Java 7 SE and Java 6 SE.
Because of the anonymity provided by networked devices, our families are more likely to be attacked, be victims of theft, be subjected to inappropriate people or materials, or become involved unknowingly in illegal activities over a networked device than they are in person. This document discusses various dangers to be aware of and safeguards to reduce the risk of these
In this report, Resilient Enterprise Management (REM) team members suggest a set of top ten strategic measures for managing operational resilience. These measures derive from high-level objectives of the ORM system defined in the CERT® Resilience Management Model, Version 1.1 (CERT®-RMM).
This report presents research about insider theft of intellectual property.
This report describes the November 2010 Trusted Computing in Embedded Systems Workshop held at Carnegie Mellon University.
This document, first in the Best Practices for National Cyber Security series, provides information that interested organizations and governments can use to develop a national incident management capability.
This report, the third volume in the Software Assurance Curriculum Project sponsored by the U.S. Department of Homeland Security, provides sample syllabi for the nine core courses in the Master of Software Assurance Reference Curriculum.
Presented at SEPG North America 2011 on Thursday, March 24
This 2011 report presents the findings of an SEI study that have been implemented in a system for malware analysis and improved capabilities for behavior computation in other applications.
This report provides an overview of techniques employed by malicious insiders to steal intellectual property, including the types of assets targeted and the methods used to remove the information from a victim organization’s control. The report closes with a brief discussion of mitigating factors and strategic items that an organization should consider when defending against insider attacks on intellectual property.
This report provides detection and prevention methods to counter an approach that a focused attacker would need to take in order to breach an organization through web-based protocols.
This technical note examines the Trusted Platform Module, which arose from work related to the Independent Research and Development project "Trusted Computing in Extreme Adversarial Environments: Using Trusted Hardware as a Foundation for Cyber Security."
This 2011 report seeks to demonstrate how a method for modeling previous insider crimes can create informed candidate technical controls and indicators.
This 2010 report considers current practices in software supply chain analysis and suggests foundational practices that can reduce risk in the supply chain.
The Source Code Analysis Laboratory (SCALe) tests software applications for conformance to one of the CERT® secure coding standards. Though SCALe can be used in various capacities, it is particularly significant for conformance testing of energy delivery systems because of their critical importance.
This report presents a taxonomy of operational cyber security risks. This report discusses the harmonization of the taxonomy with other risk and security activities.
This book presents best practices for managing the security and survivability of people, information, technology, and facilities. It integrates these into a unified CMM that encompasses security, business continuity, and IT operations.
In this webinar, Greg Porter and Randy Trzeciak discuss the effects of the new regulations on the health-care industry and some of the essential elements that healthcare technology executives should consider in order to secure patient information and systems from external threats. They also discuss the increasing risks of insider threat within organizations, the key factors influencing an insider's decision to act, the technical and non-technical indicators and precursors of malicious acts, and the countermeasures that could improve the survivability and resiliency of the organization. (1 hr:31 mins)
This 2010 report begins a dialogue and establishes a foundation for measuring and analyzing operational resilience.
Greg Porter and Randy Trzeciak provide some essential elements that healthcare technology executives should consider in order to secure patient information and systems from external threats.
This report contains a master of software assurance curriculum that educational institutions can use to create a degree program or track.
This report focuses on an undergraduate curriculum specialization for software assurance.
This 2010 report explores how the SQUARE process can be adapted for privacy requirements engineering in software development.
Rich Caralli, architect of CERT’s Resilience Management Model (CERT RMM), will describe how an organization can use the RMM to transform its operational resilience.
This document, the first in the Best Practices for National Cyber Security series, provides insight that interested organizations and governments can use to begin to develop a national incident management capability.
June 2010 podcast presenting and discussing two cases involving the CERT Forensics Team. Julia Allen leads the podcast, with Kevin Moore and Cal Waits of CERT.
The TJX case describes the investigation into the theft of credit and debit card numbers from T.J. Maxx, Marshall’s, Barnes & Noble, OfficeMax, and other major retailers.
This webinar will discuss an ongoing SEI effort to develop an approach for assessing software supply chains and identifying the associated software assurance risks. (48 mins)
The CERT Oracle Secure Coding Standard for Java provides guidelines for secure coding in the Java programming language. This report documents the portion of those Java guidelines that are related to concurrency.
This report describes a managed string library for the C programming language.
Description of a framework (Survivability Analysis Framework) used to examine the elements of an operational process and evaluate the survivability and effectiveness of the linkage among roles, dependencies, constraints, and risks to achieve critical operational capabilities.
This report presents the CERT-RMM, an approach to managing operational resilience in complex, risk-evolving environments.
A method for identifying network behavior that may be a sign of coming internet-wide attacks is presented.
Kris Rush discusses a new forensics and incident response track being offered through the Carnegie Mellon University Information Networking Institute.
Led by Robert Seacord, the Secure Coding Initiative (SCI) within CERT works with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before software becomes operational. SCI is developing secure coding standards for commonly used programming languages such as C, C++, and Java. These standards can be used to improve and assess the security and overall quality of software through training, automated analysis, code review, and other processes. (59 mins)
This 2009 SEI report describes a set of secure design patterns, which are meant to eliminate the accidental insertion of vulnerabilities into code.
This 2009 document describes the tenets of high-fidelity e-learning, describes how VTE reflects these, and summarizes how organizations have used and are using VTE.
This book documents the first official release of the CERT C Secure Coding Standard, which itemizes those coding errors that are the root causes of software vulnerabilities in C.
Building More Secure Software
This report describes a study to evaluate the efficacy of the CERT Secure Coding Standards and source code analysis tools in improving the quality and security of commercial software projects.
With this book, you can select from a number of sound practices likely to increase the security and dependability of your software, both during its development and its operation.
This 2008 report describes how SQUARE can be incorporated in standard life-cycle models for security-critical projects.
An SEI team built an analysis framework to evaluate the quality of the linkage among roles, dependencies, constraints, and risks for critical technology capabilities in the face of change. This report outlines the team's progress.
Cyber Attack Scenarios Test Responses
This 2008 report provides a quick evaluation of the potential for success of an organization’s computer security or cyber-security incident management capability (IMC).
Tackling the Growing Botnet Threat
Business leaders can play a key role in computer forensics by establishing strong policies and proactively testing to ensure those policies work in tough situations.
This 2007 implementation guide, geared toward senior leaders, provides prescriptive guidance for creating and sustaining an enterprise security governance program.
This 2007 report describes SQUARE, and outlines other methods used for identifying security requirements and compares them with SQUARE.
This document summarizes the content shared at the 2007 SEPG conference and identifies several subsequent steps underway toward strengthening those ties.
This 2007 report describes an extension to the C programming language to introduce the notion of ranged integers, that is, integer types with a defined range of values.
Survivability Challenges for Systems of Systems
OCTAVE Allegro Speeds Up the Risk Assessment Process
This 2007 report highlights the design considerations and requirements for OCTAVE Allegro based on field experience with existing OCTAVE methods.
This document presents metrics to provide a baseline or benchmark of incident management practices.
This report explores the transformation of the disciplines of security and business continuity into processes designed to support and sustain operational resiliency.
Computer forensics is often overlooked when planning an incident response strategy; however, it is a critical part of incident response, and business leaders need to understand how to tackle it.
Computer Forensics for Business Leaders: A Primer
This report presents an overview of CERT progress in developing a system dynamics model of organizations’ typical use of change and access controls to support IT
This 2006 report describes the MERIT insider threat model and simulation results.
Four studies from 2006 that explore an issue relevant to the survivability of networks which are systems of systems.
Protecting Against Insider Threat
Materials from the 2006 Defense-in-Depth Foundational Curriculum course are useful for system administrators and IT security personnel who would like to step up to the
This 2006 report contains an example that illustrates the critical importance of recognizing the need for evolutionary design changes in secure and survivable systems.
CERT Launches Secure Coding Standards Web Site
Specifications for Managed Strings
This document describes how the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) method has been used and tailored to fit a wide range of organizational risk assessment needs.
Security Matters [2006 | 05]
Meet Ricky & Stick
This report, published in 2006, describes the fundamental elements and benefits of a process approach to security and operational resiliency and provides a notional view of a framework for process improvement.
This 2006 report presents an approach to detecting scans against, or passing through, very large networks.
Initiative Advocates Building Security In from the Start
This report describes the results of a preliminary investigation into measures for software architecture.
New CERT “Virtual Training Environment” Provides Online Information Security Education
How Much Security Is Enough?
This report describes the results of a controlled experiment that was performed to compare traditional manual methods of comprehension with automated behavior computation using an FX prototype.
This 2005 report presents the Security Quality Requirements (SQUARE) Methodology for eliciting and prioritizing security requirements in software development projects.
This report briefly describes these potential software vulnerabilities in Java version 5.
This book identifies a number of root causes for exploited software vulnerabilities and encourages programmers to adopt security best practices that can help prevent current and future attacks on vulnerable systems.
This 2005 report presents the concepts and underlying theories behind the Mission Assurance Analysis Protocol (MAAP), highlights results from early piloting of the technique, and outlines future research directions.
This report describes efforts by the SEI to increase the capacity of institutions of higher education to offer IA and IS courses, to expand existing IA and IS offerings, and to include IA and IS topics and perspectives in other courses.
This 2005 report summarizes FX research and development and investigates the impact of FX on software engineering.
This 2005 report examines governance thinking, principles, and approaches and applies them to the subject of enterprise security.
This 2005 report describes IAP, a documented and repeatable process for developing consistent asset profiles.
This 2004 report outlines the ITS, a study of insider incidents to examine actual cases identified through public reporting or as a computer fraud case investigated by the Secret Service.
Secure Coding in C and C++: C-Style Strings
New CERT Course and Handbook Detail Electronic Detective Work
Governing for Security: Protect Stakeholder Interests
Shifting Perspective to Achieve and Sustain Enterprise Security
This 2005 report documents the ways in which the organizational and project management environment for system development can support or reject improved quality requirements elicitation mechanisms.
Governing for Enterprise Security: Security is a Requirement of Being in Business
Internet Denial of Service sheds light on a complex form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide.
An Introduction to Governing for Enterprise Security
University Hubs Help SEI Spread Information Assurance Curricula and Methods
Enterprise Security Management: Refocusing Security’s Role
This 2004 report provides the detailed guidelines for conducting an OCTAVE-S evaluation.
This 2005 report proposes a classification scheme that uses attribute-value pairs to provide a multidimensional view of vulnerabilities.
This 2004 report itemizes characteristics of common approaches to security that limit effectiveness and success.
This 2004 report describes a general framework for hierarchical cost/benefit analysis aimed at providing acceptable estimations for small companies in their information security improvement projects.
This report presents a prototype best practice model for performing incident management processes and functions.
This report describes the critical success factor method and presents various theories and experience in applying it to enterprise security management.
This 2004 report describes a way to think about enterprise networks and is intended to aid system administrators so that they can more easily see how technology supports the enterprise’s mission.
Install and Use Those Anti-Virus Programs
This handbook helps technical staff members who are charged with administering and securing information systems and networks.
CERT/CC Instrumental in National Security Effort
The Goal of Computer Security or What's Yours is Yours Until You Say Otherwise!
What is a Distributed Denial of Service (DDoS) Attack and What Can I Do About It?
CERT's Function Extraction Project: Exploring Program Behavior for Security Analysis
There IS an Intruder in My Computer—What Now?
This 2003 report describes different organizational models for implementing incident handling capabilities, including each model's advantages and disadvantages and the kinds of incident management services that best fit with it.
This 2003 report provides an objective study of the state of the practice of incident response, based on information about how CSIRTs around the world are operating.
Use Care When Reading Email with Attachments
This 2003 report describes the current state of requirements engineering for survivable systems--systems that are able to complete their mission in a timely manner, even if significant portions are compromised by attack or accident.
This 2003 report focuses on international law related to cybercrime, international information security standards, and software liability issues as they relate to information security for critical infrastructure applications.
Use Care When Downloading and Installing Programs
This 2003 document provides guidance on forming and operating a CSIRT, and helps an organization to define and document the nature and scope of a computer security incident handling service, which is the core service of a CSIRT.
Can You Prove It?
OCTAVE Users Forum: Helping to Build a Community of Practice
This report summarizes research on Flow Structures and describes the application of their function-theoretic mathematical foundations to the problem of program behavior calculation.
The practices recommended in this 2003 report provide organizations with the guidance necessary to knowledgeably engage MSSPs, so they can make informed use of such
OCTAVE Developers Reach Out to Smaller Organizations with OCTAVE-S
Installing and Using a Firewall Program
This 2002 report describes the results of explorations into the use of simulation in examining Internet survivability.
This 2002 report explains survivability concepts, describes a software development life-cycle model for survivability, and illustrates techniques to support survivability goals.
New Book Helps Organizations Take Charge of Information Security
Carnegie Mellon Educates Next Generation of Information-Security Experts
File Cabinets and Pig Latin: Guards for Information Assets
This book provides organizations with a systematic way to evaluate and manage their information security risks through the use of the OCTAVE approach.
This 2002 paper reports on the study of the Industry/University group (a subgroup of the Working Group on Software Engineering Education and Training) to investigate active collaborations between companies and universities in which non-software professionals and practitioners who lack formal software education are reeducated to become software engineers.
CERT/CC and Secret Service Collaborate on Security
Preventing Security-Related Defects
Is There an Intruder in My Computer?
This 2002 report describes Flow-Service-Quality (FSQ) engineering, an emerging technology for management, acquisition, analysis, development, evolution, and operation of large-scale, network-centric systems.
The Internet—Friend or Foe?
TransPlant: Helping Organizations to Make the Transition
The Internet Security Alliance: Leadership in Information Security
Attack Scenarios: How to Get There from Here
This paper describes a risk-mitigation framework for deciding when and how COTS components can be used to build survivable systems.
Everyone's a System Administrator
This book puts CERT practices and implementations in book form, and offers step-by-step guidance for protecting systems and networks against malicious and inadvertent compromise.
Securing Information Assets
CERT System and Network Security Practices
Intrusion Detection Systems
How the FBI Investigates Computer Crime
Cybersleuthing: Means, Motive, and Opportunity
Countering the Threat of Internet Denial of Service Attacks
Removing Roadblocks to Cyber Defense
Survivability Blends Computer Security With Business Risk Management
Survivability Blends Computer Security
Protecting Critical Systems in Unbounded Networks
From Y2K to Security Improvement: A Critical Transition
Were You Ready for the Melissa Virus?
Avoiding the Trial-by-Fire Approach to Security Incidents
What Messages Are You Sending to Vendors?
Interview with Richard D. Pethia
Security of the Internet
Security Matters – Doesn't It?