Dave Mundie
Software Engineering Institute
David Mundie is an SEI alumni employee.
David Mundie is a member of the CSIRT Development Team within the CERT® Program at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. He has been at CERT since 2000 and has worked in a variety of areas including insider threat, malware analysis, and incident management capability metrics. From 2006 to 2009, he was a member of the Q-CERT project, which established a national information security team for the country of Qatar. David's current research interests include formal ontologies for information security, insider threat patterns, and models of incident information sharing. Prior to joining CERT, he worked at Texas Instruments and Western Digital on compiler development, test engineering, and process improvement.
Publications by Dave Mundie
Pattern-Based Design of Insider Threat Programs
December 09, 2014 • Technical Note
Andrew P. Moore, Matthew L. Collins, Dave Mundie
In this report, the authors describe a pattern-based approach to designing insider threat programs that could provide a better defense against insider threats.
An Incident Management Ontology
November 25, 2014 • Conference Paper
Dave Mundie, Robin Ruefle, Audrey J. Dorofee
In this paper, the authors describe the shortcomings of the incident management meta-model and how an incident management ontology addresses those shortcomings.
Overview of the Threat Posed by Insiders to Critical Assets
November 05, 2013 • Webinar
Randall F. Trzeciak, Dave Mundie
In this 2013 webinar, Randy Trzeciak and David Mundie discuss the challenges organizations face as they try to address insider threat.
Four Insider IT Sabotage Mitigation Patterns and an Initial Effectiveness Analysis
October 22, 2013 • Conference Paper
Lori Flynn, Jason W. Clark, Andrew P. Moore
In this paper, the authors describe four patterns of insider IT sabotage mitigation and initial results from 46 relevant cases for pattern effectiveness.
Using a Malware Ontology to Make Progress Towards a Science of Cybersecurity
May 09, 2013 • Podcast
Dave Mundie, Julia H. Allen
In this podcast, Dave Mundie explains why a common language is essential to developing a shared understanding to better analyze malicious code.
Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders
March 01, 2013 • Technical Note
Andrew P. Moore, David McIntire, Dave Mundie
In this report, the authors justify applying the pattern “Increased Review for Intellectual Property (IP) Theft by Departing Insiders.”
The MAL: A Malware Analysis Lexicon
February 01, 2013 • Technical Note
Dave Mundie, David McIntire
In this report, the authors present results of the Malware Analysis Lexicon (MAL) initiative, which developed the first common vocabulary for malware analysis.
Building an Incident Management Body of Knowledge
September 07, 2012 • White Paper
Dave Mundie, Robin Ruefle
In this paper, the authors describe the components of the CERT Incident Management Body of Knowledge (CIMBOK) and how they were constructed.
A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders
April 01, 2012 • Technical Report
Andrew P. Moore, Michael Hanley, Dave Mundie
In this report, the authors present techniques for helping organizations plan, prepare, and implement means to mitigate insider theft of intellectual property.
Simulating Insider Cyber-Threat Risks: A Model-Based Case and a Case-Based Model
August 11, 2005 • White Paper
Eliot Rich (University at Albany State University of New York), Howard F. Lipson, Dave Mundie
In this paper, the authors identify actions that may inadvertently lead to increased vulnerability to threats from employees, contractors, and clients.
K-BACEE: A Knowledge-Based Automated Component Ensemble Evaluation Tool
February 01, 2001 • Technical Note
Robert C. Seacord, Dave Mundie, Somjai Boonsiri
This 2001 report describes an automated approach to evaluating ensembles of components within the context of a system requirements specification.