Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Showing 1 - 10 of 94 results for Vulnerability Analysis

White Paper | December 2017 - White Paper Embedded Device Vulnerability Analysis Case Study Using ... By Madison Oliver, Kyle O'Meara

This document provides security researchers with a repeatable methodology to produce more thorough and actionable results when analyzing embedded devices for vulnerabilities.

Webinar | November 2015 - Webinar Web Traffic Analysis with CERT Tapioca By Will Dormann

Will Dormann discusses a tool that shows whether a connection to the web is secure and what information is being transmitted.

Presentation | March 2017 - Presentation Using Malware Analysis to Identify Overlooked Security ... By Nancy R. Mead, Jose A. Morales

This presentation describes initial research conducted by CERT and Carnegie Mellon to determine if malware report databases were amenable to automated processing to identify flaws

Poster | October 2017 - Poster Rapid Expansion of Classification Models to Prioritize Static ... By Lori Flynn

Poster on research to create a method to automatically classify and prioritize alterts

White Paper | April 1997 - White Paper An Analysis of Security Incidents on the Internet By John Howard, George Weaver

In this dissertation, John D. Howard reviews an analysis of security incidents on the Internet from between 1989 and 1995.

Technical Report | May 2016 - Technical Report Using Honeynets and the Diamond Model for ICS Threat ... By John Kotheimer, Kyle O'Meara, Deana Shick

This report presents an approach to analyzing approximately 16 gigabytes of full packet capture data collected from an industrial control system honeynet—a network of seemingly vulnerable machines designed to lure attackers.

Software | July 2017 - Software CERT Tapioca

CERT Tapioca is a network-layer MITM proxy VM that checks for apps that fail to validate certificates and investigates content of http/https traffic.

Podcast | May 2016 - Podcast Threat Modeling and the Internet of Things By Art Manion, Allen D. Householder

Art Manion and Allen Householder of the CERT Vulnerability Analysis team, talk about threat modeling and its use in improving the security of the Internet of Things (IoT).

Presentation | March 2018 - Presentation Analyzing 24 Years of CVD By Allen D. Householder

The CERT/CC has pioneered the Coordinated Vulnerability Disclosure (CVD) process. In the past year, they analyzed their case tracking data, focusing on the distribution of case workloads over time. This slide deck contains findings from this analysis.

Software | May 2014 - Software CERT Triage Tools

CERT Triage Tools consist of a triage script and a GNU Debugger (GDB) extension named 'exploitable' that classify Linux application defects by severity.

Refine