REPORTS

10 most recent publications of 127 found

The MAL: A Malware Analysis Lexicon
(February 2013)
Authors: Dave Mundie, David McIntire (CERT)

Insider Threat Control: Using Universal Serial Bus (USB) Device Auditing to Detect Possible Data Exfiltration by Malicious Insiders
(January 2013)
Authors: George Silowash, Todd Lewellen

Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources
(January 2013)
Authors: George Silowash, Christopher King

Common Sense Guide to Mitigating Insider Threats, 4th Edition
(December 2012)
Authors: George Silowash, Dawn Cappelli, Andrew P. Moore, Randall F. Trzeciak, Timothy J. Shimeall, Lori Flynn

Analyzing Cases of Resilience Success and Failure—A Research Study
(December 2012)
Authors: Julia H. Allen, Pamela D. Curtis, Nader Mehravari (Executive VP at IT Cadre and SEI Affiliate), Andrew P. Moore, Kevin G. Partridge, Robert W. Stoddard, Randall F. Trzeciak

Supporting the Use of CERT® Secure Coding Standards in DoD Acquisitions
(October 2012)
Authors: Timothy Morrow, Robert C. Seacord, John K. Bergey, Philip Miller

Well There’s Your Problem: Isolating the Crash-Inducing Bits in a Fuzzed File
(October 2012)
Author: Allen D. Householder

Communication Among Incident Responders - A Study
(September 2012)
Authors: Brett Tjaden, Robert Floodeen

Competency Lifecycle Roadmap: Toward Performance Readiness
(September 2012)
Authors: Sandra Behrens, Christopher J. Alberts, Robin Ruefle

Probability-Based Parameter Selection for Black-Box Fuzz Testing
(August 2012)
Authors: Allen D. Householder, Jonathan M. Foote

more...

PRESENTATIONS

10 most recent publications of 12 found

The Source Code Analysis Laboratory (SCALe) Webinar
(November 2012)
Author: Robert C. Seacord

Application of the CERT® Resilience Management Model at Lockheed Martin
(March 2011)
Authors: William David (Lockheed Martin Enterprise Business Services), Nader Mehravari (Operational Resilience Consulting), David W. White

Using CERT-RMM in a Software and System Assurance Context
(March 2011)
Author: Julia H. Allen

Securing Information in the Health-Care Industry: Network Security, Incident Management, and Insider Threat (Webinar)
(September 2010)
Author: Randall F. Trzeciak (CERT)

Transforming Your Operational Resilience Management Capabilities: CERT’s Resilience Management Model (Webinar)
(July 2010)
Author: Richard A. Caralli

Securing Global Software Supply Chains (Webinar)
(June 2010)
Author: Robert J. Ellison

Engineering Improvement in Software Assurance: A Landscape Framework (Webinar)
(May 2010)
Author: Carol Woody

Improving and Sustaining Processes for Managing Operational Resiliency CERT Resiliency Management Model (Webinar)
(January 2010)
Author: Richard A. Caralli

The Survivability Analysis Framework (Webinar)
(October 2009)
Authors: Robert J. Ellison, Carol Woody

Secure Coding (Webinar)
(August 2009)
Author: Robert C. Seacord

more...

BOOKS

9 found

The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)
(January 2012)
Author: Dawn Cappelli

The CERT Oracle Secure Coding Standard for Java
(September 2011)
Authors: Fred Long, Fred Long, Dhruv Mohindra, Dhruv Mohindra, Robert C. Seacord, Dean  F. Sutherland, David Svoboda

CERT Resilience Management Model: A Maturity Model for Managing Operational Resilience
(November 2010)
Authors: Julia H. Allen, Richard A. Caralli, David W. White

CERT C Secure Coding Standard
(October 2008)
Author: Robert C. Seacord

Software Security Engineering: A Guide for Project Managers
(May 2008)
Authors: Julia H. Allen, Sean Barnum, Robert J. Ellison, Gary McGraw, Nancy R. Mead

Secure Coding in C and C++
(September 2005)
Author: Robert C. Seacord

Internet Denial of Service: Attack and Defense Mechanisms
(January 2005)
Authors: Sven Dietrich, David Dittrich, Jelena Mirkovic, Peter Reiher

Managing Information Security Risks: The OCTAVE Approach
(July 2002)
Authors: Christopher J. Alberts, Audrey J. Dorofee

CERT Guide To System and Network Security Practices
(June 2001)
Author: Julia H. Allen

WEBINARS

9 found

Source Code Analysis Laboratory (SCALe)
(November 2012)
Author: Robert C. Seacord

SEI Technologies Forum: Software, Security, and Resiliency
(February 2012)
Author: Paul Nielsen

SEI Technologies Forum-- The Insider Threat: Lessons Learned from Actual Insider Attacks
(January 2012)
Author: Randall F. Trzeciak

SEI Technologies Forum-- Measuring Operational Resilience
(January 2012)
Author: Julia H. Allen

Securing Information in the Health-Care Industry: Network Security, Incident Management, and Insider Threat
(October 2010)
Author: Randall F. Trzeciak (CERT)

Transforming Your Operational Resilience Management Capabilities: CERT's Resilience Management Model
(August 2010)
Author: Richard A. Caralli

Securing Global Software Supply Chains
(June 2010)
Author: Robert J. Ellison

Secure Coding
(August 2009)
Author: Robert C. Seacord

SQUARE Up Your Security Requirements Engineering with SQUARE
(May 2009)
Author: Nancy R. Mead

WHITEPAPERS

3 found

Cyber Intelligence Tradecraft Project: Summary of Key Findings
(February 2013)

Deriving Software Security Measures from Information Security Standards of Practice
(February 2012)

Keeping Your Family Safe in a Highly Connected World
(August 2011)

BROCHURES

1 found

Insider Fraud in Financial Services
(July 2012)