CT Information Security LLC. - CERT News Feed

Main Menu

Polls

Security Check

	We are confident in our security.
	There are holes but we are aware of them.
	Compliance is acheived, what else is needed.
	Immediate help is needed.

Newsflash

The market for selling personal information stolen online is expected to rise to $1.6 billion in 2010, according to IDC.

Home

CERT News Feed

CERT News Feed
CERT Announcements
Announcements: What's New on the CERT web site
Spotlight On: Insider Threat from Trusted Business Partners Published This article focuses on cases in the CERT Insider Threat Center database in which malicious insiders were employed by a trusted business partner of the victim organization. These cases involve outsourcing as well as individual contractors and consultants. New Podcast Released Securing systems that control physical switches, valves, pumps, meters, and manufacturing lines as these systems connect to the internet is critical for service continuity. CERT/CC Enhancing Collaboration Between National CSIRTs The CERT/CC has created both a wiki and an operational mailing list for authorized technical staff at national CSIRTs. These tools will promote collaboration and information exchange about technical projects and other relevant work. Upcoming SEI Webinar on the CERT Resilience Management Model On July 28, 2010, Rich Caralli will present "Transforming Your Operational Resilience Management Capabilities: CERT's Resilience Management Model" as part of the Software Engineering Institute's webinar series. New Podcast Released Complex, distributed, multi-year investigations of computer crimes require sophisticated methods, techniques, and tools. National CSIRTs to Meet in Miami On June 19-20, the CERT/CC is hosting a meeting of CSIRTs with national responsibility in Miami, Florida. Attendees will discuss the unique challenges facing national CSIRTs and will share information about projects and solutions. Fuzz Testing Tool Available The CERT Basic Fuzzing Framework (BFF) is a Linux-based tool for fuzz testing software that runs on Linux. This free tool is now available for download. Java Concurrency Guidelines Report Published The CERT Oracle Secure Coding Standard for Java provides guidelines for securrogramming language Second Edition of Specifications for Managed Strings Report Published This report describes a managed string library for the C programming language. Survivability Analysis Framework Technical Note Published The technical note describes the Survivability Analysis Framework (SAF), which can be used to examine the elements of an operational process and evaluate the survivability of an organization.