search menu icon-carat-right cmu-wordmark

The CERT Division

The CERT Division is a leader in cybersecurity. We partner with government, industry, law enforcement, and academia to improve the security and resilience of computer systems and networks. We study problems that have widespread cybersecurity implications and develop advanced methods and tools to counter large-scale, sophisticated cyber threats.

What We Do

CERT experts are a diverse group of researchers, software engineers, security analysts, and digital intelligence specialists working together to research security vulnerabilities in software products, contribute to long-term changes in networked systems, and develop cutting-edge information and training to improve the practice of cybersecurity.

Our connection to the internationally known Carnegie Mellon University creates multidisciplinary collaboration opportunities and amplifies our research abilities.

Cyber Center Development

Develop measurable and repeatable practices to prepare CSIRTS and other operational security organizations

Digital Forensics

Enable and improve incident response and analysis practices used by organizations as the technology landscape and sophistication of adversaries evolve

Network Situational Awareness

Analyze the cyber terrain as it evolves to characterize assets at risk, measure adversary activity, and prioritize responses to threat

System and Platform Evaluation

Assess software, devices, systems, and platforms of unknown design or origin to find vulnerabilities and strategies for defending against possible attacks

Case Studies

Cyber Lightning Case Study

Cyber Lightning Case Study

The SEI hosted Cyber Lightning, a three-day joint training exercise involving Air National Guard and Air Force Reserve units from western Pennsylvania and eastern Ohio.

Learn More
SEI Hosts Crisis Simulation Exercise for Cyber Intelligence Research Consortium

SEI Hosts Crisis Simulation Exercise for Cyber Intelligence Research Consortium

In SEI crisis simulation exercises, participants use scenarios that present fictitious malicious actors and environmental factors based on real-world events.

Learn More
TJX and Heartland Case Studies

TJX and Heartland Case Studies

The SEI collaborated with the U.S. Secret Service to collect evidence and create forensic images of the computers involved in the TJX and Heartland cases.

Learn More
USPS Case Study

USPS Case Study

The SEI teamed with the U.S. Postal Service to help it improve its cybersecurity and resilience and collaborated on a program to develop a strong cybersecurity workforce.

Learn More


The CERT Division is the birthplace of cybersecurity. For nearly 30 years, the CERT Division of the SEI has partnered with government, industry, law enforcement, and academia to advance cybersecurity and improve the security and resilience of computer systems and networks.

Originally focused on incident response, we have expanded into cybersecurity areas such as network situational awareness, malicious code analysis, secure coding, resilience management, insider threats, digital investigations and intelligence, workforce development, DevOps, forensics, software assurance, vulnerability discovery and analysis, and risk management.

Former Director Richard Pethia

Richard Pethia was founding director of the SEI's CERT Division. Pethia, who served as director of CERT from 1988 to 2016, guided the organization through tremendous growth and change. Under Pethia's leadership, the unit expanded and evolved from the CERT Coordination Center—a small group focused on computer incident response—to a research organization of more than 200 professionals dedicated to solving problems with widespread cybersecurity implications.



Bobbie Stempfley

Director, CERT Division

William Wilson

Deputy Director, CERT Division

Greg Shannon

Chief Scientist

Roman Danyliw

Chief Engineer