Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date

Showing 1 - 10 of 124 results for Vulnerability Analysis

White Paper | December 2017 - White Paper Embedded Device Vulnerability Analysis Case Study Using ... By Madison Oliver, Kyle O'Meara

This document provides security researchers with a repeatable methodology to produce more thorough and actionable results when analyzing embedded devices for vulnerabilities.

Webinar | November 2015 - Webinar Web Traffic Analysis with CERT Tapioca By Will Dormann

Will Dormann discusses a tool that shows whether a connection to the web is secure and what information is being transmitted.

Presentation | March 2017 - Presentation Using Malware Analysis to Identify Overlooked Security ... By Nancy R. Mead, Jose A. Morales

This presentation describes initial research conducted by CERT and Carnegie Mellon to determine if malware report databases were amenable to automated processing to identify flaws

Poster | October 2017 - Poster Rapid Expansion of Classification Models to Prioritize Static ... By Lori Flynn

Poster on research to create a method to automatically classify and prioritize alterts

Presentation | January 2000 - Presentation The Survivable Network Analysis Method: Assessing ...

This presentation introduces the survivable network analysis method, developed by the Software Engineering Institute's (SEI) CERT/Coordination Center.

White Paper | April 1997 - White Paper An Analysis of Security Incidents on the Internet By John Howard, George Weaver

In this dissertation, John D. Howard reviews an analysis of security incidents on the Internet from between 1989 and 1995.

Technical Report | May 2016 - Technical Report Using Honeynets and the Diamond Model for ICS Threat ... By John Kotheimer, Kyle O'Meara, Deana Shick

This report presents an approach to analyzing approximately 16 gigabytes of full packet capture data collected from an industrial control system honeynet—a network of seemingly vulnerable machines designed to lure attackers.

Presentation | January 2006 - Presentation Vulnerability Discovery: Bridging the Gap Between Analysis ...

This 2006 CERT presentation provides an overview of the vulnerability discovery field and discusses how it can be used to improve the practice of security engineering.

Podcast | May 2016 - Podcast Threat Modeling and the Internet of Things By Art Manion, Allen D. Householder

Art Manion and Allen Householder of the CERT Vulnerability Analysis team, talk about threat modeling and its use in improving the security of the Internet of Things (IoT).

Presentation | March 2018 - Presentation Analyzing 24 Years of CVD By Allen D. Householder

The CERT/CC has pioneered the Coordinated Vulnerability Disclosure (CVD) process. In the past year, they analyzed their case tracking data, focusing on the distribution of case workloads over time. This slide deck contains findings from this analysis.