Search Publications Show Papers Presentations Media All Publications Including Keyword

Displaying 5 most recent documents in Papers, Presentations, and Media.    Use the filters above to narrow your search.

Papers

Making the Business Case for Software Assurance 2009-04-30 Mead, Nancy R. Allen, Julia H. et al. This report provides guidance for making the business case for building software assurance into software products during each software development life-cycle activity. Paper Insider Threat Vulnerability Assessment 2009-04-21 The insider threat vulnerability assessment enables organizations to gain a better understanding of insider threat and an enhanced ability to assess and manage associated risks. Paper Spotlight On: Programming Techniques Used as an Insider Attack Tool 2009-04-06 Cappelli, Dawn Caron, Tom Trzeciak, Randall F. This report is the first in a new quarterly series, Spotlight On, published by the CERT insider threat team and funded by CyLab. Each report will focus on a specific area of concern ... Paper Secure Design Patterns 2009-03-30 Dougherty, Chad Sayre, Kirk Seacord, Robert Describes a set of secure design patterns, which are descriptions or templates describing a general solution to a security problem that can be applied in many different situations. Paper 2008 CERT Research Annual Report 2009-03-06 Software Engineering Institute This report describes progress in CERT research projects in 2008 and opportunities for collaboration. Paper

Presentations

Focus on Resiliency: A Process Improvement Approach to Security 2007-03-27 Young, Lisa The goal of security is to contribute to attaining and sustaining operational resiliency. Presentation CERT Resiliency Engineering Framework 2007-03-01 White, David A new environment in which business continuity& security must be increasingly effective & efficient. Presentation The CERT Survivability and Information Assurance Curriculum 2006-11-15 Rogers, Lawrence R. This presentation introduces and highlights the Survivability and Information Assurance (SIA) Curriculum. Presentation A Risk Mitigation Model: Lessons Learned From Actual Insider Sabotage 2006-11-07 Cappelli, Dawn Moore, Andrew Shaw, Eric A personal, organizational psycological perspective to insider threat. Includes information from CERT and PEREREC insider threat research. Presentation Focus on Resiliency: A Process Improvement Approach to Security 2006-11-06 Caralli, Richard Young, Lisa This presentation covers an evolving view of security, operational resiliency, embracing a process view, and the resiliency engineering framework. Presentation

Media

Podcast: The Upside and Downside of Security in the Cloud 2009-06-16 Mather, Tim Allen, Julia When considering cloud services, business leaders need to weigh the economic benefits ag Media Podcast: More Targeted, Sophisticated Attacks: Where to Pay Attention 2009-05-26 Lindner, Marty Allen, Julia Business leaders need to take action to better mitigate sophisticated social engineering attacks. Media Podcast: Is There Value in Identifying Software Security 'Never Events'? 2009-05-05 Charette, Robert Allen, Julia Now may be the time to examine our responsibilities when developing software with known, preventable errors – along with some possible consequences. Media Podcast: Cyber Security, Safety, and Ethics for the Net Generation 2009-04-14 Petersen, Rodney Allen, Julia Capitalizing on the cultural norms of the Net Generation is essential when developing security awareness programs. Media Podcast: An Experience-Based Maturity Model for Software Security 2009-03-31 McGraw, Gary Allen, Julia Observed practice, represented as a maturity model, can serve as a basis for developing more secure software. Media

Home | About | Contact | FAQ | Jobs | Legal