The Cyber Security and Information Systems Information Analysis Center (CSIAC)

Report

A Proven Resource for Maximizing DoD Dollars

The DoD Information Analysis Centers (IACs) serve as an essential resource to affordably deliver technical data and analyses in support of current operations. The Pentagon has recognized the DoD IACs' ability to maximize ...

Best Practice/Reference Document

DISA reorganization highlights Cybersecurity

Latest re-org and reassignment of responsibilities.

Journal

CSIAC Journal Call for Papers

CSIAC is looking for Cybersecurity-related technical research papers. We are especially interested in papers which address the following topics:

Cybersecurity of Critical Infrastructure and Installation ...

Reports

Tools

Popular Today
Newest Content
Recent Discussion
Most Commented

Cybersecurity - 47 views(s) today
Posted: 07/11/2012 - 8:15am by CSIAC

Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and...
SDTATIC Has Been Discontinued - 29 views(s) today
Posted: 06/30/2014 - 9:52am by CSIAC Admin

The Software Development Tools and Technology Information Clearinghouse (SDTATIC) has been discontinued. CSIAC appreciates the support of the vendors who provided product information for...
Software Intensive Systems Engineering - 28 views(s) today
Posted: 07/11/2012 - 7:43am by CSIAC Admin

Software Intensive Systems Engineering includes the entire field of software and systems engineering and related technologies; specifically as related to information, documentation, databases,...
Information Assurance - 19 views(s) today
Posted: 02/03/2015 - 5:16pm by CSIAC Admin
Evaluating Open Source Software - 13 views(s) today
Posted: 04/18/2013 - 2:02pm by CSIAC

There is an overwhelming amount of open source software (OSS) available today that can be used throughout the software development life cycle. Nowadays, it is generally not a matter of whether...
CSIAC Training - 13 views(s) today
Posted: 04/14/2014 - 1:08pm by jreade

The CSIAC provides training courses to government and industry in the knowledge areas of Software Engineering, Information Assurance, Modeling & Simulation, and Knowledge Management. At the same...

NIST IR 7966 DRAFT Security of Automated Access Management Using Secure Shell (SSH) (reference_documents)

Posted: 03/04/2015 - 3:16pm CSIAC Admin

NIST announces the second public comment release of Draft NIST Interagency Report (IR) 7966, Security of Interactive and Automated Access Management Using Secure Shell (SSH). The purpose of this...
SB15-061: Vulnerability Summary for the Week of February 23, 2015 (discussion)

Posted: 03/02/2015 - 1:56pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
SEI Webinar Series: What DevOps Is Not! (event)

Posted: 03/02/2015 - 1:51pm CSIAC Admin

The definition of DevOps is a highly contested topic. Despite what some will lead you to believe, DevOps is not just a set of tools, nor is it merely a focus on achieving continuous integration,...
Workshop on Cybersecurity in a Post-Quantum World (event)

Posted: 03/02/2015 - 9:31am CSIAC Admin

The advent of practical quantum computing will break all commonly used public key cryptographic algorithms. In response, NIST is researching cryptographic algorithms for public key-based key...
SB15-054: Vulnerability Summary for the Week of February 16, 2015 (discussion)

Posted: 02/23/2015 - 10:16am CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
SB15-047: Vulnerability Summary for the Week of February 9, 2015 (discussion)

Posted: 02/17/2015 - 2:10pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...

SB15-061: Vulnerability Summary for the Week of February 23, 2015 (discussion)

Posted: 03/02/2015 - 1:56pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
SB15-054: Vulnerability Summary for the Week of February 16, 2015 (discussion)

Posted: 02/23/2015 - 10:16am CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
SB15-047: Vulnerability Summary for the Week of February 9, 2015 (discussion)

Posted: 02/17/2015 - 2:10pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...
New Government Agency: "Cyber Threat Intelligence Integration Center" (discussion)

Posted: 02/10/2015 - 11:57am CSIAC Admin

In the wake of the Sony Pictures hack the Obama administration will establish a new government agency to "combat the deepening threat from cyberattacks," according to the Washington Post.To view...
US-CERT Vulnerability Summary for the Week of February 2, 2015 (discussion)

Posted: 02/09/2015 - 10:51am CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology(NIST) National Vulnerability...
SB15-026: Vulnerability Summary for the Week of January 19, 2015 (discussion)

Posted: 01/26/2015 - 2:34pm CSIAC Admin

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability...

Opinion piece in WSJ: "The military's system for acquiring software is... - 17 comments(s)
Posted: 02/18/2013 - 11:27am by Taz Daughtrey

“The Pentagon acquires IT and software-based systems the way it buys aircraft carriers—as if they were physical items to be forged or welded or mass-produced. The standard procurement cycle is...
Security Test Environments - 16 comments(s)
Posted: 11/12/2012 - 10:04am by tmcgibbon

I am looking for test environments and tools that would allow me to test and analyze cyber assets and effects. Suggestions?
Do We Need A Cybersecurity-Capability Maturity Model (CS-CMM)? - 11 comments(s)
Posted: 03/05/2013 - 10:43am by SARCDir

I've just finished reading the CSIS report titled "Updating U.S. Federal Cybersecurity Policy and Guidance" (http://csis.org/publication/updating-us-federal-cybersecurity-policy-and-guidance) and...
Looking for more examples of software security concept maps, such as the one... - 7 comments(s)
Posted: 03/27/2013 - 12:57pm by Taz Daughtrey
Topics to add, delete, emphasize, de-emphasize? - 7 comments(s)
Posted: 04/03/2013 - 8:06am by Taz Daughtrey

Which subject matter in the previous report [attached] do you think needs more attention now? What new topics should be added? What content from the previous report needs less coverage or even...
Acquisition Community for CSIAC - 4 comments(s)
Posted: 08/08/2012 - 8:36am by tmcgibbon

I don't mean to pick on Michael, because I agree with much of what he says in his blog. However I think we need to discuss specifically what it means to support the acquisition community. ...