Search Publications Show Papers Presentations Media All Publications Including Keyword

Displaying 5 most recent documents in Papers, Presentations, and Media.    Use the filters above to narrow your search.

Papers

Vulnerability Response Decision Assistance 2008-07-11 Burch, Hal Manion, Art Ito, Yuri VRDA (Vulnerability Response Decision Assistance) allows organizations to leverage the analysis effort at other organizations and to structure decision-making. Paper Vulnerability Detection in ActiveX Controls through Automated Fuzz Testing 2008-06-27 Dormann, Will Plakosh, Dan This paper examines effective techniques for fuzz testing ActiveX controls using the Dranzer tool developed at CERT. Paper Incorporating Security Quality Requirements Engineering (SQUARE) into 2008-05-01 Mead, Nancy Viswanathan, Venkatesh Padmanabhan, Deepa This report describes how SQUARE can be incorporated in standard life-cycle models for security-critical projects. Paper Combating the Insider Cyber Threat 2008-04-18 Moore, Andrew Cappelli, Dawn The penetration of US national security by foreign agents as well as American citizens is a historical and current reality that’s a persistent and increasing phenomenon. Paper Incident Management Mission Diagnostic Method, Version 1.0 2008-03-28 Dorofee, Audrey Killcrece, Georgia Ruefle, Robin This report presents a risk-based approach for determining the potential for success of an organization's incident management capability. Paper

Presentations

Focus on Resiliency: A Process Improvement Approach to Security 2007-03-27 Young, Lisa The goal of security is to contribute to attaining and sustaining operational resiliency. Presentation CERT Resiliency Engineering Framework 2007-03-01 White, David A new environment in which business continuity& security must be increasingly effective & efficient. Presentation The CERT Survivability and Information Assurance Curriculum 2006-11-15 Rogers, Lawrence R. This presentation introduces and highlights the Survivability and Information Assurance (SIA) Curriculum. Presentation A Risk Mitigation Model: Lessons Learned From Actual Insider Sabotage 2006-11-07 Cappelli, Dawn Moore, Andrew Shaw, Eric A personal, organizational psycological perspective to insider threat. Includes information from CERT and PEREREC insider threat research. Presentation Focus on Resiliency: A Process Improvement Approach to Security 2006-11-06 Caralli, Richard Young, Lisa This presentation covers an evolving view of security, operational resiliency, embracing a process view, and the resiliency engineering framework. Presentation

Media

Podcast: Becoming a Smart Buyer of Software 2008-06-10 Gallagher, Brian Allen, Julia Managing software that is developed by an outside organization can be more challenging than building it yourself. Media Podcast: Connecting the Dots Between IT Operations and Security 2008-05-13 Allen, Julia Kim, Gene High performing organizations effectively integrate information security controls into mainstream IT operational processes. Media Podcast: Getting in Front of Social Engineering 2008-04-29 Hinson, Gary Allen, Julia Helping your staff learn how to identify social engineering attempts is the first step in thwarting them. Media Podcast: Using Benchmarks to Make Better Security Decisions 2008-04-15 Nichols, Betsy Allen, Julia Benchmark results can be used to compare with peers, drive performance, and help determine how much security is enough. Media Podcast: Protecting Information Privacy - How To and Lessons Learned 2008-04-01 Hargraves, Kim Allen, Julia Aligning with business objectives, integrating with enterprise risks, and collaborating with stakeholders are key to ensuring information privacy. Media

Home | About | Contact | FAQ | Jobs | Legal