List of Insider Threat Publications from CERT, Software Engineering Institute and Carnegie Mellon University.
This brochure serves as an introduction for managers and security personnel on how to detect an insider threat and provides tips on how to safeguard your company’s trade secrets.
Abstract: Ensuring that devices on a network are not vulnerable is hard to do. Comply to Connect (C2C) simplifies this by enforcing that patches and hardened configuration are applied to devices before they connect and updated continually. Learn about the benefits of C2C and how easily it can be leveraged to improve most networks. Date Published: 18
The Cyber Proving Ground (CPG) is a collaborative effort between 24th Air Force, 25th Air Force, and the Air Force Life Cycle Management Center. It enables and supports high performance teams assembled from the breadth of the Air Force cyber community of interest and external partners to rapidly assess the applicability of emerging concepts and technologies
Modern weapons systems have depended on microelectronics since the inception of integrated circuits over fifty years ago. Today, most electronics contain programmable components of ever increasing complexity. At the same time, the Department of Defense (DoD) has become a far less influential buyer in a vast, globalized supplier base.3 Consequently, assuring
This publication has been developed by NIST to further its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems,
This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and
The 60-page document, NIST Interagency Report (NISTIR) 8151: Dramatically Reducing Software Vulnerabilities, is a collection of the newest strategies gathered from across industry and other sources for reducing bugs in software. While the report is officially a response to a request for methods from the White House’s Office of Science and Technology Policy,
The CUI Program standardizes the way the Executive branch handles unclassified information that does not meet the criteria required for classification under E.O. 13526, “Classified National Security Information,” December 29, 2009, or the Atomic Energy Act but must be protected based on law, regulation, or Government-wide policy. That protection involves the
This fifth edition of the Common Sense Guide to Mitigating Insider Threats provides the CERT Insider Threat Center’s most current recommendations from the CERT Division, part of Carnegie Mellon University’s Software Engineering Institute. These recommendations are based on our continued research and analysis of an expanded corpus of over 1,000 cases of