CERT
about us
CERT, the home of the well-known CERT(R) Coordination Center, is located at Carnegie Mellon University's Software Engineering Institute. We study internet security vulnerabilities, research long-term changes in networked systems, and develop information and training to help you improve security.
take the tour

CERT Spotlight: Vulnerability Remediation

How do you know which holes to patch?

Vulnerability Remediation In an ideal world, software would not contain vulnerabilities that attackers could exploit. But other than following best practices such as installing patches, how do you protect yourself and your data against threats you don't know about?

We are addressing that problem with our work in vulnerability remediation. As part of our process, we analyze reports of vulnerabilities, coordinate with vendors to address the vulnerabilities, and disclose information about the vulnerabilities and mitigation techniques in various publications and in our vulnerability analysis blog.

Announcements

September 8, 2008

Java Secure Coding Standard Released
CERT has released the Java Secure Coding Standard in addition to existing secure coding standards for the C and C++ programming languages. CERT invites the Java community to participate in this effort by reviewing content in the Java space and providing comments.

September 2, 2008

New Technical Note Released
Computer Forensics: Results of Live Response Inquiry vs. Memory Image Analysis presents a live response scenario and compares various approaches and tools used to capture and analyze evidence from computer memory.

September 2, 2008

New Podcast Released
Well-defined metrics are essential to determine which security practices are worth the investment.

more announcements

headlines headlines