Software Engineering Institute

David Mundie

Software Engineering Institute

David Mundie is an SEI alumni employee.

David Mundie is a member of the CSIRT Development Team within the CERT® Program at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. He has been at CERT since 2000 and has worked in a variety of areas including insider threat, malware analysis, and incident management capability metrics. From 2006 to 2009, he was a member of the Q-CERT project, which established a national information security team for the country of Qatar. David's current research interests include formal ontologies for information security, insider threat patterns, and models of incident information sharing. Prior to joining CERT, he worked at Texas Instruments and Western Digital on compiler development, test engineering, and process improvement.

Dave Mundie

All

Tech Publications

Blog Posts

Podcasts

Videos

Pattern-Based Design of Insider Threat Programs

December 9, 2014 • Technical Note

By Andrew P. Moore, Matthew L. Collins, Dave Mundie, Robin Ruefle, David McIntire

An Incident Management Ontology

November 25, 2014 • Conference Paper

By Dave Mundie, Robin Ruefle, Audrey J. Dorofee, John McCloud, Samuel J. Perl, Matthew L. Collins

Unintentional Insider Threat and Social Engineering

March 31, 2014 • Blog Post

By Dave Mundie

Overview of the Threat Posed by Insiders to Critical Assets

November 5, 2013 • Webcast

By Randall F. Trzeciak, Dave Mundie

Four Insider IT Sabotage Mitigation Patterns and an Initial Effectiveness Analysis

October 22, 2013 • Conference Paper

By Lori Flynn, Jason W. Clark, Andrew P. Moore, Matthew L. Collins, Eleni Tsamitis, Dave Mundie, David McIntire

More from David Mundie

Pattern-Based Design of Insider Threat Programs

December 9, 2014 • Technical Note

By Andrew P. Moore, Matthew L. Collins, Dave Mundie, Robin Ruefle, David McIntire

Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders

March 1, 2013 • Technical Note

By Andrew P. Moore, David McIntire, Dave Mundie, David Zubrow

The MAL: A Malware Analysis Lexicon

February 1, 2013 • Technical Note

By Dave Mundie, David McIntire

Building an Incident Management Body of Knowledge

September 7, 2012 • White Paper

By Dave Mundie, Robin Ruefle

A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders

April 1, 2012 • Technical Report

By Andrew P. Moore, Michael Hanley, Dave Mundie

More from David Mundie

Unintentional Insider Threat and Social Engineering

March 31, 2014 • Blog Post

By Dave Mundie

The Latest CERT Research of Unintentional Insider Threats: Social Engineering

September 30, 2013 • Blog Post

By Dave Mundie, CERT Insider Threat Center

Unintentional Insider Threats: The Non-Malicious Within

August 7, 2013 • Blog Post

By Dave Mundie, CERT Insider Threat Center

How Ontologies Can Help Build a Science of Cybersecurity

March 12, 2013 • Blog Post

By Dave Mundie, CERT Insider Threat Center

More from David Mundie

Using a Malware Ontology to Make Progress Towards a Science of Cybersecurity

May 9, 2013 • Podcast

By Dave Mundie, Julia H. Allen

More from David Mundie

Overview of the Threat Posed by Insiders to Critical Assets

November 5, 2013 • Webcast

By Randall F. Trzeciak, Dave Mundie

More from David Mundie