CERT

CERT全称是Computer Emergency Response Center即计算机应急响应中心，它隶属于卡耐基-梅隆大学的软件工程研究所。官方网站是http://www.cert.org/

它提供的主要服务有：

1. Softeware Assusance，软件保障，我还是头一次看到这个词，呵呵，具体有三个方面：

  （1）Secure Coding 安全编码，在检查了大量的漏洞后总结出了少量的代码层面的根本原因，进而提出了如何编写安全代码的要求，规范，值得开发人员阅读。我的问题是：是不是完全遵循了安全编码要求的程序就不存在漏洞了呢？

（2）Function Extraction fo Malicious Code，为快速理解恶意代码在做什么提供了很好的帮助。

（3）Vulnerability Analysis脆弱性分析，发现软件中的脆弱点并修补它们。这个功能很强大，听起来非常难实现的一个系统，值得研究。

 

2. Secure Systems

Our research in survivable systems engineering involves analyzing how susceptible systems are to sophisticated attacks and proposing better designs for such systems. We also develop techniques that enable us to predict future threats to the internet. The results of our research contribute to our work with network situational awareness. As part of this "operational" component, we are developing tools and techniques that will improve the ability for network administrators to identify what is happening on their networks. These tools and techniques include engineering solutions and research approaches for analyzing broad network activity. The goal is to quantitatively characterize threats and targeted intruder activity.

 

3. Organizational Security

Practicing strong computer security is a nonnegotiable requirement for organizations doing business today. However, building security into an existing corporate culture is a complex undertaking. Our work in governance, insider threat, security management, and systems engineering provides general principles, specific starting points, as well as fully optimized methodologies for business leaders who want to launch an enterprise-wide security effort or make sure their existing security program is as good as it can be.

 

4. Coordinated Response

When computer security incidents occur, organizations must respond quickly and effectively. CERT supports the development of an international response team community by helping organizations build incident response capability and by developing a commonly used infrastructure of policies, practices, and technologies to facilitate rapid identification and resolution of threats. CERT also improves the national cyber response and readiness capability and builds international computer security information exchange and collaborative analysis capabilities. CERT enhances the ability of organizations in government and industry to protect themselves from attack and limit the damage and scope of attacks.

 

5. Training

Computer users are frequently cited as the weak link in an organization’s computer and network security strategy. CERT works to create an international workforce skilled in information assurance and survivability by developing curricula on information assurance and security incident response for executives, managers, educators, software engineers, and network administrators and front-line system operators. CERT disseminates these curricula through its own training courses, academic institutions, and through innovative approaches, such as the Virtual Training Environment (VTE).