Software Engineering Institute | Carnegie Mellon University

Digital Library

Dave Mundie
December 2014 - Technical Note Pattern-Based Design of Insider Threat Programs

Topics: Insider Threat

In this report, the authors describe a pattern-based approach to designing insider threat programs that could provide a better defense against insider threats.

November 2014 - Conference Paper An Incident Management Ontology

Topics: Incident Management

In this paper, the authors describe the shortcomings of the incident management meta-model and how an incident management ontology addresses those shortcomings.

November 2013 - Webinar Overview of the Threat Posed by Insiders to Critical Assets

Topics: Insider Threat

In this 2013 webinar, Randy Trzeciak and David Mundie discuss the challenges organizations face as they try to address insider threat.

October 2013 - Conference Paper Four Insider IT Sabotage Mitigation Patterns and an Initial Effectiveness Analysis

Topics: Insider Threat

In this paper, the authors describe four patterns of insider IT sabotage mitigation and initial results from 46 relevant cases for pattern effectiveness.

May 2013 - Podcast Using a Malware Ontology to Make Progress Towards a Science of Cybersecurity

Topics: Malware Analysis

In this podcast, Dave Mundie explains why a common language is essential to developing a shared understanding to better analyze malicious code.

March 2013 - Technical Note Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders

Topics: Insider Threat

In this report, the authors justify applying the pattern “Increased Review for Intellectual Property (IP) Theft by Departing Insiders.”

February 2013 - Technical Note The MAL: A Malware Analysis Lexicon

Topics: Incident Management

In this report, the authors present results of the Malware Analysis Lexicon (MAL) initiative, which developed the first common vocabulary for malware analysis.

September 2012 - White Paper Building an Incident Management Body of Knowledge

Topics: Incident Management

In this paper, the authors describe the components of the CERT Incident Management Body of Knowledge (CIMBOK) and how they were constructed.

April 2012 - Technical Report A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders

Topics: Insider Threat

In this report, the authors present techniques for helping organizations plan, prepare, and implement means to mitigate insider theft of intellectual property.

February 2001 - Technical Note K-BACEE: A Knowledge-Based Automated Component Ensemble Evaluation Tool

This 2001 report describes an automated approach to evaluating ensembles of components within the context of a system requirements specification.