CERT
about us
CERT, the home of the well-known CERT(R) Coordination Center, is located at Carnegie Mellon University's Software Engineering Institute. We study internet security vulnerabilities, research long-term changes in networked systems, and develop information and training to help you improve security. 		take the tour

CERT Spotlight: Vulnerability Remediation

How do you know which holes to patch?

Vulnerability Remediation In an ideal world, software would not contain vulnerabilities that attackers could exploit. But other than following best practices such as installing patches, how do you protect yourself and your data against threats you don't know about?

We are addressing that problem with our work in vulnerability remediation. As part of our process, we analyze reports of vulnerabilities, coordinate with vendors to address the vulnerabilities, and disclose information about the vulnerabilities and mitigation techniques in various publications and in our vulnerability analysis blog.

Announcements

July 22, 2008

New Podcast Released
Determining which security vulnerabilities to address should be based on the importance of the information asset.

July 18, 2008

CERT Autoresponder Disabled
Because of ongoing problems with the autoresponder messages being interpreted as spam, we have decided to discontinue providing an automatic acknowledgement of email sent to cert@cert.org. This change does not affect how we handle email sent to that address.

July 8, 2008

New Podcast Released
During requirements engineering, software engineers need to think deeply about (and document) how software should behave when under attack.

more announcements

headlines headlines