05/20/2013

Spotlight On: Insider Theft of Intellectual Property Inside the United States Involving Foreign Governments or Organizations

This technical note defines intellectual property (IP) and insider theft of IP, gives a snapshot of the insiders involved in these cases, summarizes some of the cases, and provides recommendations for mitigating the risk of similar incidents of insider threat.

05/09/2013

Software Assurance Competency Model

This Software Assurance Competency Model helps create a foundation for assessing and advancing the capability of software assurance professionals.

05/30/2012

Report from the First CERT-RMM Users Group Workshop Series

This report describes the first CERT RMM Users Group (RUG) Workshop Series and relays the experiences of participating members and CERT staff.

05/03/2012

A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders

This report presents an example of an enterprise architectural pattern, Increased Monitoring for Intellectual Property (IP) Theft by Departing Insiders, to help organizations plan, prepare, and implement a means to mitigate the risk of insider theft of IP.

05/01/2012

Source Code Analysis Laboratory (SCALe)

This report details the CERT Program's Source Code Analysis Laboratory (SCALe), a proof-of-concept demonstration that software systems can be conformance tested against secure coding standards, and provides an analysis of selected software systems.

05/01/2012

Insider Threat Security Reference Architecture

This technical report describes the Insider Threat Security Reference Architecture (ITSRA), an enterprise-wide solution to the threat that organizations face from their own insiders. The ITSRA draws from existing best practices and standards as well as from analysis of real insider threat cases to provide actionable guidance for organizations to improve their posture against the insider threat.

03/27/2012

CERT® Resilience Management Model (CERT®-RMM) V1.1: NIST Special Publication Crosswalk Version 1

This technical note maps CERT® Resilience Management Model (CERT®-RMM) process areas to certain National Institute of Standards and Technology (NIST) special publications in the 800 series.

03/05/2012

Principles of Trust for Embedded Systems

This paper gives substance and explicit meaning to the terms trust and trustworthy as they relate to automated systems and to embedded systems in particular.

02/27/2012

Mission Risk Diagnostic (MRD) Method Description

The SEI has developed the Mission Risk Diagnostic (MRD) to assess risk in interactively complex, socio-technical systems across the life cycle and supply chain.

02/16/2012

Deriving Software Security Measures from Information Security Standards of Practice

This white paper describes an approach for deriving measures of software security from well-established and commonly used standard practices for information security.

02/13/2012

Risk-Based Measurement and Analysis: Application to Software Security

This report presents the foundational concepts of a risk-based approach for software security measurement and analysis and provides an overview of the IMAF and the MRD.

01/27/2012

SEI Technologies Forum: The Insider Threat: Lessons Learned from Actual Insider Attacks

The Insider Threat Center at CERT, which has been researching insider threats since 2001, has built an extensive library and comprehensive database containing more than 700 actual cases of insider cyber crimes. This presentation will describe findings from our analysis of three primary types of insider cyber crimes: IT sabotage, theft of information, and fraud. All CERT insider threat research focuses on both the technical and behavioral aspects of actual compromises.

01/26/2012

The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)

This book describes CERT’s findings in practical terms, offering specific guidance and countermeasures that can be immediately applied by senior officials within any organization.

01/20/2012

Spotlight On: Malicious Insiders and Organized Crime Activity

This report defines malicious insiders and organized crime and provides a snapshot of who malicious insiders are, what and how they strike, and why.

12/21/2011

Using Defined Processes as a Context for Resilience Measures

This technical note, which builds on two previous reports, describes how implementation-level processes can provide the necessary context for identifying and defining measures of operational resilience.

10/11/2011

Insider Threat Control: Using Centralized Logging to Detect Data Exfiltration Near Insider Termination

This technical note presents an insider threat pattern on how organizations can combat insider theft of intellectual property. The technical note describes how to use the centralized log storage and indexing engine Splunk to detect malicious insider behavior on a network.

09/30/2011

2010 CERT Research Report

The CERT Research Report highlights our accomplishments and activities in successfully executing our research strategy.

09/16/2011

The CERT Oracle Secure Coding Standard for Java

This book is the first comprehensive compilation of code-level requirements for building secure systems in Java. Organized by CERT's software security experts, it covers every facet of secure software coding with Java 7 SE and Java 6 SE.

08/10/2011

Keeping Your Family Safe in a Highly Connected World

Because of the anonymity provided by networked devices, our families are more likely to be attacked, be victims of theft, be subjected to inappropriate people or materials, or become involved unknowingly in illegal activities over a networked device than they are in person. This document discusses various dangers to be aware of and safeguards to reduce the risk of these dangers.

07/26/2011

Measures for Managing Operational Resilience

In this report, Resilient Enterprise Management (REM) team members suggest a set of top ten strategic measures for managing operational resilience. These measures derive from high-level objectives of the ORM system defined in the CERT® Resilience Management Model, Version 1.1 (CERT®-RMM).

06/02/2011

A Preliminary Model of Insider Theft of Intellectual Property

This report presents research about insider theft of intellectual property.

04/29/2011

Trusted Computing in Embedded Systems Workshop

This report describes the November 2010 Trusted Computing in Embedded Systems Workshop held at Carnegie Mellon University.

04/21/2011

Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0

This document, first in the Best Practices for National Cyber Security series, provides information that interested organizations and governments can use to develop a national incident management capability.

03/31/2011

Software Assurance Curriculum Project Volume III: Master of Software Assurance Course Syllabi

This report, the third volume in the Software Assurance Curriculum Project sponsored by the U.S. Department of Homeland Security, provides sample syllabi for the nine core courses in the Master of Software Assurance Reference Curriculum.

03/24/2011

Application of the CERT® Resilience Management Model at Lockheed Martin

Presented at SEPG North America 2011 on Thursday, March 24

03/24/2011

Using CERT-RMM in a Software and System Assurance Context

Presented at SEPG North America 2011 on Thursday, March 24

02/25/2011

Function Extraction (FX) Research for Computation of Software Behavior: 2010 Development and Application of Semantic Reduction Theorems for Behavior Analysis

This 2011 report presents the findings of an SEI study that have been implemented in a system for malware analysis and improved capabilities for behavior computation in other applications.

02/18/2011

An Analysis of Technical Observations in Insider Theft of Intellectual Property Cases

This report provides an overview of techniques employed by malicious insiders to steal intellectual property, including the types of assets targeted and the methods used to remove the information from a victim organization’s control. The report closes with a brief discussion of mitigating factors and strategic items that an organization should consider when defending against insider attacks on intellectual property.

02/08/2011

Network Monitoring for Web-Based Threats

This report provides detection and prevention methods to counter an approach that a focused attacker would need to take in order to breach an organization through web-based protocols.

01/17/2011

Trust and Trusted Computing Platforms

This technical note examines the Trusted Platform Module, which arose from work related to the Independent Research and Development project "Trusted Computing in Extreme Adversarial Environments: Using Trusted Hardware as a Foundation for Cyber Security."

01/14/2011

Deriving Candidate Technical Controls and Indicators of Insider Attack from Socio-Technical Models and Data

This 2011 report seeks to demonstrate how a method for modeling previous insider crimes can create informed candidate technical controls and indicators.

01/03/2011

Software Supply Chain Risk Management: From Products to Systems of Systems

This 2010 report considers current practices in software supply chain analysis and suggests foundational practices that can reduce risk in the supply chain.

12/28/2010

Source Code Analysis Laboratory (SCALe) for Energy Delivery Systems

The Source Code Analysis Laboratory (SCALe) tests software applications for conformance to one of the CERT® secure coding standards. Though SCALe can be used in various capacities, it is particularly significant for conformance testing of energy delivery systems because of their critical importance.

12/28/2010

A Taxonomy of Operational Cyber Security Risks

This report presents a taxonomy of operational cyber security risks and discusses the harmonization of the taxonomy with other risk and security activities.

11/12/2010

CERT Resilience Management Model: A Maturity Model for Managing Operational Resilience

This book presents best practices for managing the security and survivability of people, information, technology, and facilities. It integrates these into a unified CMM that encompasses security, business continuity, and IT operations.

10/05/2010

Securing Information in the Health-Care Industry: Network Security, Incident Management, and Insider Threat

In this webinar, Greg Porter and Randy Trzeciak discuss the effects of the new regulations on the health-care industry and some of the essential elements that healthcare technology executives should consider in order to secure patient information and systems from external threats. They also cover the increasing risks of insider threat within organizations, the key factors influencing an insider's decision to act, the technical and non-technical indicators and precursors of malicious acts, and the countermeasures that could improve the survivability and resiliency of the organization. (1 hr 31 mins)

09/29/2010

Measuring Operational Resilience Using the CERT Resilience Management Model

This 2010 report begins a dialogue and establishes a foundation for measuring and analyzing operational resilience.

09/22/2010

Securing Information in the Health-Care Industry: Network Security, Incident Management, and Insider Threat (Webinar)

Greg Porter and Randy Trzeciak provide some essential elements that healthcare technology executives should consider in order to secure patient information and systems from external threats.

08/31/2010

Software Assurance Curriculum Project Volume I: Master of Software Assurance Reference Curriculum

This report contains a master of software assurance curriculum that educational institutions can use to create a degree program or track.

08/31/2010

Software Assurance Curriculum Project Volume II: Undergraduate Course Outlines

This report focuses on an undergraduate curriculum specialization for software assurance.

07/30/2010

Adapting the SQUARE Process for Privacy Requirements Engineering

This 2010 report explores how the SQUARE process can be adapted for privacy requirements engineering in software development.

07/28/2010

Transforming Your Operational Resilience Management Capabilities: CERT’s Resilience Management Model (Webinar)

Rich Caralli, architect of CERT’s Resilience Management Model (CERT RMM), will describe how an organization can use the RMM to transform its operational resilience.

06/30/2010

Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability

This document, first in the Best Practices for National Cyber Security series, provides insight that interested organizations and governments can use to begin to develop a national incident management capability.

06/16/2010

Securing Global Software Supply Chains

This webinar will discuss an ongoing SEI effort to develop an approach for assessing software supply chains and identifying the associated software assurance risks. (48 mins)

06/07/2010

Java Concurrency Guidelines

The CERT Oracle Secure Coding Standard for Java provides guidelines for secure coding in the Java programming language. This report documents the portion of those Java guidelines that are related to concurrency.

06/04/2010

Specifications for Managed Strings, Second Edition

This report describes a managed string library for the C programming language.

06/01/2010

Survivability Analysis Framework

This report describes the Survivability Analysis Framework, which is used to examine the elements of an operational process and evaluate the survivability and effectiveness of the linkage among roles, dependencies, constraints, and risks in achieving critical operational capabilities.

05/21/2010

CERT Resilience Management Model, Version 1.0

This report presents the CERT-RMM, an approach to managing operational resilience in complex, risk-evolving environments.

05/20/2010

Identifying Anomalous Port-Specific Network Behavior

This report presents a method for identifying network behavior that may be a sign of coming Internet-wide attacks.

10/26/2009

Rethinking Risk Management Tutorial

Presented at the NDIA Systems Engineering Conference 2009 by Audrey Dorofee and Christopher Alberts.

08/13/2009

Secure Coding

Led by Robert Seacord, the Secure Coding Initiative (SCI) within CERT works with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before software becomes operational. SCI is developing secure coding standards for commonly used programming languages such as C, C++, and Java. These standards can be used to improve and assess the security and overall quality of software through training, automated analysis, code review, and other processes. (59 mins)

04/24/2009

A Technical Overview of Risk and Opportunity Management

A technical overview of systemic risk and opportunity management for distributed environments.

03/23/2009

New Directions in Risk: A Success-Oriented Approach (2009)

Presented at the 21st Annual SEPG North America 2009 conference, March 23-26, 2009, in San Jose, California.

03/01/2009

Secure Design Patterns

This 2009 SEI report describes a set of secure design patterns, which are meant to eliminate the accidental insertion of vulnerabilities into code.

01/01/2009

High-Fidelity E-Learning: The SEI's Virtual Training Environment (VTE)

This 2009 document describes the tenets of high-fidelity e-learning, describes how VTE reflects these, and summarizes how organizations have used and are using VTE.

10/14/2008

CERT C Secure Coding Standard

This book documents the first official release of the CERT C Secure Coding Standard, which itemizes those coding errors that are the root causes of software vulnerabilities in C.

06/01/2008

Building More Secure Software

06/01/2008

Evaluation of CERT Secure Coding Rules through Integration with Source Code Analysis Tools

This report describes a study to evaluate the efficacy of the CERT Secure Coding Standards and source code analysis tools in improving the quality and security of commercial software projects.

05/01/2008

Software Security Engineering: A Guide for Project Managers

With this book, you can select from a number of sound practices likely to increase the security and dependability of your software, both during its development and its operation.

05/01/2008

Incorporating Security Quality Requirements Engineering (SQUARE) into Standard Life-Cycle Models

This 2008 report describes how SQUARE can be incorporated in standard life-cycle models for security-critical projects.

05/01/2008

Survivability Assurance for System of Systems

An SEI team built an analysis framework to evaluate the quality of the linkage among roles, dependencies, constraints, and risks for critical technology capabilities in the face of change. This report outlines the team's progress.

05/01/2008

The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures

03/17/2008

Using the Mission Diagnostic: Lessons Learned (2008)

Presented at SEPG 2008, March 17-20, 2008, in Tampa, Florida.

03/01/2008

Cyber Attack Scenarios Test Responses

03/01/2008

Incident Management Mission Diagnostic Method, Version 1.0

This 2008 report describes a method for quickly evaluating the potential for success of an organization's computer security or cyber-security incident management capability (IMC).

02/01/2008

Tackling the Growing Botnet Threat

09/01/2007

Governing for Enterprise Security (GES) Implementation Guide

This 2007 implementation guide, geared toward senior leaders, provides prescriptive guidance for creating and sustaining an enterprise security governance program.

09/01/2007

How To Compare the Security Quality Requirements Engineering (SQUARE) Method with Other Methods

This 2007 report describes SQUARE, and outlines other methods used for identifying security requirements and compares them with SQUARE.

09/01/2007

Process Improvement Should Link to Security: SEPG 2007 Security Track Recap

This document summarizes the content shared at the 2007 SEPG conference and identifies several subsequent steps underway toward strengthening those ties.

09/01/2007

Ranged Integers for the C Programming Language

This 2007 report describes an extension to the C programming language to introduce the notion of ranged integers, that is, integer types with a defined range of values.

06/01/2007

Survivability Challenges for Systems of Systems

05/01/2007

OCTAVE Allegro Speeds Up the Risk Assessment Process

05/01/2007

Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process

This 2007 report highlights the design considerations and requirements for OCTAVE Allegro based on field experience with existing OCTAVE methods.

05/01/2007

Incident Management Capability Metrics Version 0.1

This document presents metrics to provide a baseline or benchmark of incident management practices.

05/01/2007

Introducing the CERT Resiliency Engineering Framework: Improving the Security and Sustainability Processes

This report explores the transformation of the disciplines of security and business continuity into processes designed to support and sustain operational resiliency.

04/01/2007

Computer Forensics for Business Leaders: A Primer

03/15/2007

Assuring Mission Success in Complex Settings

Presented: March 2007

03/01/2007

Modeling and Analysis of Information Technology Change and Access Controls in the Business Context

This report presents an overview of CERT progress in developing a system dynamics model of organizations’ typical use of change and access controls to support IT operations.

03/01/2007

Management and Education of the Risk of Insider Threat (MERIT): Mitigating the Risk of Sabotage to Employers' Information, Systems, or Networks

This 2006 report describes the MERIT insider threat model and simulation results.

03/01/2007

Global Information Grid Survivability: Four Studies

Four studies from 2006, each exploring an issue relevant to the survivability of networks that are systems of systems.

02/01/2007

Protecting Against Insider Threat

12/01/2006

Technology Foundations for Computational Evaluation of Software Security Attributes

09/01/2006

Defense-in-Depth: Foundations for Secure and Resilient Enterprises

Materials from the 2006 Defense-in-Depth Foundational Curriculum course are useful for system administrators and IT security personnel who would like to step up to the management level.

09/01/2006

Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks

This 2006 report contains an example that illustrates the critical importance of recognizing the need for evolutionary design changes in secure and survivable systems.

08/01/2006

Risk Management Considerations for Interoperable Acquisition

This report addresses interoperable risk management: the interoperability of organizations that engage in risk management in the context of a system of systems.

07/01/2006

CERT Launches Secure Coding Standards Web Site

05/01/2006

Specifications for Managed Strings

05/01/2006

Applying OCTAVE: Practitioners Report

This document describes how the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) method has been used and tailored to fit a wide range of organizational risk assessment needs.

05/01/2006

The ROI of Security

Security Matters column, May 2006.

05/01/2006

Meet Ricky & Stick

04/01/2006

Sustaining Operational Resiliency: A Process Improvement Approach to Security Management

This report, published in 2006, describes the fundamental elements and benefits of a process approach to security and operational resiliency and provides a notional view of a framework for process improvement.

04/01/2006

Detecting Scans at the ISP Level

This 2006 report presents an approach to detecting scans against, or passing through, very large networks.

03/01/2006

Initiative Advocates Building Security In from the Start

03/01/2006

Toward Measures for Software Architectures

This report describes the results of a preliminary investigation into measures for software architecture.

02/01/2006

New CERT “Virtual Training Environment” Provides Online Information Security Education

02/01/2006

How Much Security Is Enough?

12/01/2005

The CERT Function Extraction Experiment: Quantifying FX Impact on Software Comprehension and Verification

This report describes the results of a controlled experiment that was performed to compare traditional manual methods of comprehension with automated behavior computation using an FX prototype.

11/01/2005

Security Quality Requirements Engineering

This 2005 report presents the Security Quality Requirements Engineering (SQUARE) methodology for eliciting and prioritizing security requirements in software development projects.

10/01/2005

Software Vulnerabilities in Java

This report briefly describes potential software vulnerabilities in Java version 5.

09/09/2005

Secure Coding in C and C++

This book identifies a number of root causes of exploited software vulnerabilities and encourages programmers to adopt security best practices that can help prevent current and future attacks on vulnerable systems.

09/01/2005

Mission Assurance Analysis Protocol (MAAP): Assessing Risk in Complex Environments

This 2005 report presents the concepts and underlying theories behind the Mission Assurance Analysis Protocol (MAAP), highlights results from early piloting of the technique, and outlines future research directions.

09/01/2005

Building Information Assurance Educational Capacity: Pilot Efforts to Date

This report describes efforts by the SEI to increase the capacity of institutions of higher education to offer IA and IS courses, to expand existing IA and IS offerings, and to include IA and IS topics and perspectives in other courses.

07/01/2005

The Impact of Function Extraction Technology on Next-Generation Software Engineering

This 2005 report summarizes FX research and development and investigates the impact of FX on software engineering.

06/01/2005

Governing for Enterprise Security

This 2005 report examines governance thinking, principles, and approaches and applies them to the subject of enterprise security.

06/01/2005

Information Asset Profiling

This 2005 report describes IAP, a documented and repeatable process for developing consistent asset profiles.

06/01/2005

Report on Annual Regional Information Assurance Symposia

06/01/2005

Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector

This 2004 report outlines the Insider Threat Study (ITS), a study of insider incidents that examines actual cases identified through public reporting or investigated as computer fraud cases by the Secret Service.

04/01/2005

Secure Coding in C and C++: C-Style Strings

04/01/2005

New CERT Course and Handbook Detail Electronic Detective Work

04/01/2005

Governing for Security: Protect Stakeholder Interests

03/01/2005

Shifting Perspective to Achieve and Sustain Enterprise Security

03/01/2005

Eliciting and Analyzing Quality Requirements: Management Influences on Software Quality Requirements

This 2005 report documents the ways in which the organizational and project management environment for system development can support or reject improved quality requirements elicitation mechanisms.

02/01/2005

Governing for Enterprise Security: Security is a Requirement of Being in Business

01/01/2005

Internet Denial of Service: Attack and Defense Mechanisms

Internet Denial of Service sheds light on a complex form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide.

01/01/2005

An Introduction to Governing for Enterprise Security

01/01/2005

University Hubs Help SEI Spread Information Assurance Curricula and Methods

01/01/2005

Enterprise Security Management: Refocusing Security’s Role

01/01/2005

OCTAVE-S Implementation Guide, Version 1

This 2004 report provides the detailed guidelines for conducting an OCTAVE-S evaluation.

01/01/2005

A Structured Approach to Classifying Security Vulnerabilities

This 2005 report proposes a classification scheme that uses attribute-value pairs to provide a multidimensional view of vulnerabilities.

12/01/2004

Managing for Enterprise Security

This 2004 report itemizes characteristics of common approaches to security that limit effectiveness and success.

11/01/2004

SQUARE Project: Cost/Benefit Analysis Framework for Information Security Improvement Projects in Small Companies

This 2004 report describes a general framework for hierarchical cost/benefit analysis aimed at providing acceptable estimations for small companies in their information security improvement projects.

10/01/2004

Defining Incident Management Processes for CSIRTs: A Work in Progress

This report presents a prototype best practice model for performing incident management processes and functions.

07/01/2004

The Critical Success Factor Method: Establishing a Foundation for Enterprise Security Management

This report describes the critical success factor method and presents various theories and experience in applying it to enterprise security management.

05/01/2004

Survivable Functional Units: Balancing an Enterprise's Mission and Technology

This 2004 report describes a way to think about enterprise networks and is intended to aid system administrators so that they can more easily see how technology supports the enterprise’s mission.

03/01/2004

Install and Use Those Anti-Virus Programs

03/01/2004

Advanced Information Assurance Handbook

This handbook helps technical staff members who are charged with administering and securing information systems and networks.

02/01/2004

CERT/CC Instrumental in National Security Effort

02/01/2004

The Goal of Computer Security or What's Yours is Yours Until You Say Otherwise!

01/01/2004

What is a Distributed Denial of Service (DDoS) Attack and What Can I Do About It?

12/01/2003

CERT's Function Extraction Project: Exploring Program Behavior for Security Analysis

12/01/2003

There IS an Intruder in My Computer—What Now?

12/01/2003

Organizational Models for Computer Security Incident Response Teams (CSIRTs)

This 2003 report describes different organizational models for implementing incident handling capabilities, including each model's advantages and disadvantages and the kinds of incident management services that best fit with it.

10/01/2003

State of the Practice of Computer Security Incident Response Teams (CSIRTs)

This 2003 report provides an objective study of the state of the practice of incident response, based on information about how CSIRTs around the world are operating.

09/01/2003

Use Care When Reading Email with Attachments

09/01/2003

Requirements Engineering for Survivable Systems

This 2003 report describes the current state of requirements engineering for survivable systems, that is, systems that are able to complete their mission in a timely manner even if significant portions are compromised by attack or accident.

07/01/2003

International Liability Issues for Software Quality

This 2003 report focuses on international law related to cybercrime, international information security standards, and software liability issues as they relate to information security for critical infrastructure applications.

06/01/2003

Use Care When Downloading and Installing Programs

04/01/2003

Handbook for Computer Security Incident Response Teams (CSIRTs)

This 2003 document provides guidance on forming and operating a CSIRT, and helps an organization to define and document the nature and scope of a computer security incident handling service, which is the core service of a CSIRT.

03/01/2003

Assumption Management

03/01/2003

Can You Prove It?

03/01/2003

OCTAVE Users Forum: Helping to Build a Community of Practice

02/01/2003

Applying FSQ Engineering Foundations to Automated Calculation of Program Behavior

This report summarizes research on Flow Structures and describes the application of their function-theoretic mathematical foundations to the problem of program behavior calculation.

01/01/2003

Outsourcing Managed Security Services

The practices recommended in this 2003 report give organizations the guidance they need to engage managed security service providers (MSSPs) knowledgeably, so that they can make informed use of such services.

12/01/2002

OCTAVE Developers Reach Out to Smaller Organizations with OCTAVE-S

12/01/2002

Installing and Using a Firewall Program

12/01/2002

Network Survivability Analysis Using Easel

This 2002 report describes the results of explorations into the use of simulation in examining Internet survivability.

11/01/2002

Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues

10/01/2002

Life-Cycle Models for Survivable Systems

This 2002 report explains survivability concepts, describes a software development life-cycle model for survivability, and illustrates techniques to support survivability goals.

10/01/2002

Trustworthy Refinement Through Intrusion-Aware Design (2002)

10/01/2002

Trustworthy Refinement Through Intrusion-Aware Design

09/01/2002

New Book Helps Organizations Take Charge of Information Security

09/01/2002

Carnegie Mellon Educates Next Generation of Information-Security Experts

09/01/2002

File Cabinets and Pig Latin: Guards for Information Assets

07/09/2002

Managing Information Security Risks: The OCTAVE Approach

This book provides organizations with a systematic way to evaluate and manage their information security risks through the use of the OCTAVE approach.

07/01/2002

Reeducation to Expand the Software Engineering Workforce: Successful Industry/University Collaborations

This 2002 paper reports on a study by the Industry/University group (a subgroup of the Working Group on Software Engineering Education and Training) of active collaborations between companies and universities in which non-software professionals, and practitioners who lack formal software education, are reeducated to become software engineers.

06/01/2002

CERT/CC and Secret Service Collaborate on Security

06/01/2002

Preventing Security-Related Defects

06/01/2002

Is There an Intruder in My Computer?

06/01/2002

Flow-Service-Quality (FSQ) Engineering: Foundations for Network System Analysis and Development

This 2002 report describes Flow-Service-Quality (FSQ) engineering, an emerging technology for management, acquisition, analysis, development, evolution, and operation of large-scale, network-centric systems.

03/01/2002

The Internet—Friend or Foe?

12/01/2001

TransPlant: Helping Organizations to Make the Transition

12/01/2001

The Internet Security Alliance: Leadership in Information Security

12/01/2001

Attack Scenarios: How to Get There from Here

12/01/2001

Can We Ever Build Survivable Systems from COTS Components?

This paper describes a risk-mitigation framework for deciding when and how COTS components can be used to build survivable systems.

09/01/2001

Everyone's a System Administrator

06/07/2001

CERT Guide To System and Network Security Practices

This book puts CERT practices and implementations in book form, and offers step-by-step guidance for protecting systems and networks against malicious and inadvertent compromise.

06/01/2001

Securing Information Assets

06/01/2001

CERT System and Network Security Practices

03/01/2001

Intrusion Detection Systems

03/01/2001

How the FBI Investigates Computer Crime

06/01/2000

Cybersleuthing: Means, Motive, and Opportunity

03/01/2000

Countering the Threat of Internet Denial of Service Attacks

03/01/2000

Removing Roadblocks to Cyber Defense

03/01/2000

Survivability Blends Computer Security With Business Risk Management

03/01/2000

Survivability Blends Computer Security

12/01/1999

Protecting Critical Systems in Unbounded Networks

09/01/1999

From Y2K to Security Improvement: A Critical Transition

09/01/1999

From Y2K to Security Improvement: A Critical Transition

06/01/1999

Were You Ready for the Melissa Virus?

03/01/1999

Avoiding the Trial-by-Fire Approach to Security Incidents

12/01/1998

What Messages Are You Sending to Vendors?

12/01/1998

Interview with Richard D. Pethia

12/01/1998

Security of the Internet

09/01/1998

Security Matters – Doesn't It?

01/01/1996

Continuous Risk Management Guidebook

This book describes the underlying principles, concepts, and functions of risk management and provides guidance on how to implement it as a continuous practice in your projects and organization.


