The CERT Division | SEI

SEI Menu
Work Areas
Welcome to CERT
New Publications
About CERT

Our mission at the CERT Division is to anticipate and solve the nation's cybersecurity challenges.

Learn more
Engage with Us
Training
About Us
- Overview
- Leadership
News
Careers
Information for

Mapping the FFIEC Cybersecurity Assessment Tool (CAT) to the CRR

To help financial institutions assess their cyber resilience, we mapped FFIEC CAT statements to Cyber Resilience Review (CRR) questions.

Video Highlights Recent SEI STEM Efforts

Features recent high school cyber-kinetic exercise and SEI's wider initiative to encourage young people to consider careers in STEM fields.

Seven Principles for Software Assurance

Seven Principles for acquiring, building, deploying, and sustaining software systems to achieve a desired level of confidence for software assurance.

Becoming a CISO: Formal and Informal Requirements

The role of a chief information security officer is needed in all organizations regardless of the size or type of business.

Why Netflow Data Still Matters

With more devices connecting to the Internet, networks are larger and faster than ever before. This blog post explores the vital role that network flow plays in the future of network security and analysis.

Managing Third Party Risks to Financial Services Organizations

A resilience-based approach can help financial services organizations to manage cyber risks from outsourcing and comply with federal cybersecurity regulations.

CERT Director Richard Pethia Retires

Cybersecurity Advocate Piloted CERT through Decades of Growth and Change

CERT Mission: Anticipating and Solving the Nation’s Cybersecurity Challenges

Learn More About Us

NEWS

Video Highlights Recent SEI STEM Efforts
Article - 11/02/2016

See more news

CERT Division at a Glance

We were there for the first internet security incident and we’re still here more than 25 years later. Only now, we’ve expanded our expertise from incident response to a comprehensive, proactive approach to securing networked systems. The CERT Division is part of the Software Engineering Institute, which is based at Carnegie Mellon University. We are the world’s leading trusted authority dedicated to improving the security and resilience of computer systems and networks and are a national asset in the field of cybersecurity.

Learn More About the CERT Division:

RECENT VULNERABILITIES

VU#974055: iTrack Easy contains multiple vulnerabilities
Original Release date - 10/25/2016

VU#402847: Zizai Tech Nut contains multiple vulnerabilities
Original Release date - 10/25/2016

VU#617567: TrackR Bravo contains multiple vulnerabilities
Original Release date - 10/25/2016

Report a Vulnerability

See more vulnerabilities

PUBLICATIONS

A Scorecard for Cyber Resilience: What We Have Observed In this presentation the speakers discuss the Cyber Resilience Review (CRR). Presentation - 11/03/2016

A Mapping of the Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool (CAT) to the Cyber Resilience Review (CRR) To help financial organizations assess cyber resilience, we map FFIEC Cybersecurity Assessment Tool (CAT) statements to Cyber Resilience Review (CRR) questions. Technical Note - 10/25/2016

Managing Third Party Risk in Financial Services Organizations: A Resilience-Based Approach A resilience-based approach can help financial services organizations to manage cybersecurity risks from outsourcing and comply with federal regulations. White Paper - 09/27/2016

See more publications

EVENTS

FloCon 2017
The FloCon network security conference provides a forum for large-scale network flow analytics.
Conferences - 01/09/2017

See more events

Blogs

Security Modeling Tools

10/31/2016 - Julien Delange

Seven Principles for Software Assurance

10/24/2016 - Nancy Mead

Resilience, Secure Coding, Data Science, Insider Threat, and Scheduling: The Latest Research from the SEI

10/17/2016 - Douglas C. Schmidt

See more blog posts

Podcasts

Establishing Trust in the Wireless Emergency Alerts Service

Becoming a CISO: Formal and Informal Requirements

In this podcast, Darrell Keeling, Vice President of Information Security and HIPAA Security Officer at Parkview Health, discusses the knowledge, skills, and abilities needed to become a CISO in today’s fast-paced cybersecurity field. Podcast - 10/19/2016

Global Value Chain – An Expanded View of the ICT Supply Chain

In this podcast, Edna Conway and John Haller discuss the global value chain for organizations and critical infrastructures and how this expanded view can be used to improve ICT supply chain management, including risks to the supply chain. Podcast - 07/18/2016

Intelligence Preparation for Operational Resilience

In this podcast, Douglas Gray, a member of the CERT Cyber Risk Management team, discusses how to operationalize intelligence products to build operational resilience of organizational assets and services using IPOR. Podcast - 06/21/2016

See more podcasts

Welcome to CERT

New Publications

About CERT

Mapping the FFIEC Cybersecurity Assessment Tool (CAT) to the CRR

Video Highlights Recent SEI STEM Efforts

Seven Principles for Software Assurance

Becoming a CISO: Formal and Informal Requirements

Why Netflow Data Still Matters

Managing Third Party Risks to Financial Services Organizations

CERT Director Richard Pethia Retires

NEWS

CERT Division at a Glance

Learn More About the CERT Division:

RECENT VULNERABILITIES

PUBLICATIONS

EVENTS

Blogs

Security Modeling Tools

Seven Principles for Software Assurance

Resilience, Secure Coding, Data Science, Insider Threat, and Scheduling: The Latest Research from the SEI

Podcasts

Becoming a CISO: Formal and Informal Requirements

Global Value Chain – An Expanded View of the ICT Supply Chain

Intelligence Preparation for Operational Resilience