Showing 1 - 10 of 94 results for Vulnerability Analysis
This document provides security researchers with a repeatable methodology to produce more thorough and actionable results when analyzing embedded devices for vulnerabilities.
Will Dormann discusses a tool that shows whether a connection to the web is secure and what information is being transmitted.
This presentation describes initial research conducted by CERT and Carnegie Mellon to determine if malware report databases were amenable to automated processing to identify flaws
Poster on research to create a method to automatically classify and prioritize alterts
In this dissertation, John D. Howard reviews an analysis of security incidents on the Internet from between 1989 and 1995.
This report presents an approach to analyzing approximately 16 gigabytes of full packet capture data collected from an industrial control system honeynet—a network of seemingly vulnerable machines designed to lure attackers.
CERT Tapioca is a network-layer MITM proxy VM that checks for apps that fail to validate certificates and investigates content of http/https traffic.
Art Manion and Allen Householder of the CERT Vulnerability Analysis team, talk about threat modeling and its use in improving the security of the Internet of Things (IoT).
The CERT/CC has pioneered the Coordinated Vulnerability Disclosure (CVD) process. In the past year, they analyzed their case tracking data, focusing on the distribution of case workloads over time. This slide deck contains findings from this analysis.
CERT Triage Tools consist of a triage script and a GNU Debugger (GDB) extension named 'exploitable' that classify Linux application defects by severity.