CERT
about us
CERT, the home of the well-known CERT(R) Coordination Center, is located at Carnegie Mellon University's Software Engineering Institute. We study internet security vulnerabilities, research long-term changes in networked systems, and develop information and training to help you improve security. 		take the tour

CERT Spotlight: Vulnerability Remediation

How do you know which holes to patch?

Vulnerability Remediation In an ideal world, software would not contain vulnerabilities that attackers could exploit. But other than following best practices such as installing patches, how do you protect yourself and your data against threats you don't know about?

We are addressing that problem with our work in vulnerability remediation. As part of our process, we analyze reports of vulnerabilities, coordinate with vendors to address the vulnerabilities, and disclose information about the vulnerabilities and mitigation techniques in various publications and in our vulnerability analysis blog.

Announcements

September 17, 2008

Interactive Vulnerability Reporting Form Released
The interactive form enhances CERT's vulnerability analysis efforts by making it easier for vulnerability reporters to securely submit valuable information.

September 16, 2008

New Podcast Released
OCTAVE Allegro provides a streamlined assessment method that focuses on risks to information used by critical business services.

September 8, 2008

Java Secure Coding Standard Released
CERT has released the Java Secure Coding Standard in addition to existing secure coding standards for the C and C++ programming languages. CERT invites the Java community to participate in this effort by reviewing content in the Java space and providing comments.

more announcements

headlines headlines