search menu icon-carat-right cmu-wordmark

Authorization to Use the CERT Mark

Computer security incident response teams (CSIRTs) that apply for authorization to use the “CERT” mark in their names can expect to follow the process below:

  1. CSIRT leadership completes the qualification form. Contact us to request a form.
  2. CERT staff reviews the qualification form. 
  3. The SEI legal team creates a license agreement and sends it to the CSIRT staff. 
  4. CERT staff review the CSIRT’s website to ensure it meets the Guidelines for Use of “CERT” (described in the next section).
  5. CERT staff coordinates with the CSIRT staff about any changes that need to be made.
  6. CSIRT staff signs hard copies of the agreement and returns it to the SEI legal team.
  7. The signed agreement is presented to Carnegie Mellon University (CMU) for appropriate signatures.
  8. The agreement is executed after CMU signatures are secured and it is sent to CERT staff who post the CSIRT name and website link to the Authorized Users of “CERT” webpage.
  9. CSIRT staff can add the graphic located on the Authorized Users of "CERT" webpage to their website.

Guidelines for Using the CERT Mark

Our licensing effort and usage guidelines are designed to help us protect and strengthen the “CERT” brand and thereby reinforce its value for organizations that we license to use it.

Do not define "CERT" as an acronym

Although CERT was once an acronym, “CERT” has been a registered mark owned by Carnegie Mellon University since 1997. Organizations that we have licensed to use the CERT® mark may use it in both their short and long names. Examples of acceptable use include the following: Note that certain name configurations are reserved for authorized National CSIRTs.

  • <Short Name> CERT 
  • <Long Name> CERT

Note that certain name configurations are reserved for authorized national CSIRTs.