Blog Posts

Rust Vulnerability Analysis and Maturity Challenges

This post explores tools for understanding vulnerabilities in the Rust programming language as well as the maturity of the Rust software ecosystem as a whole and how that might impact …

Read More

January 23, 2023 • By Garret Wassermann, David Svoboda

In Secure Development

Introducing CERT Kaiju: Malware Analysis Tools for Ghidra

Ghidra provides a compelling environment for reverse engineering tools that are relatively easy to use during malware analysis. Our latest blog post highlights a new suite of tools, known as …

Read More

September 13, 2021 • By Garret Wassermann, Jeffrey Gennari

In Reverse Engineering for Malware Analysis

CVD Series: Principles of Coordinated Vulnerability Disclosure (Part 2 of 9)

This SEI Blog, the second in a nine-part series, explores Coordinated Vulnerability Disclosure (CVD) best practices for vulnerability disclosure.

Read More

October 3, 2016 • By Garret Wassermann

In CERT/CC Vulnerabilities

CVD Series: What is Coordinated Vulnerability Disclosure? (Part 1 of 9)

This is the first post in a series about Coordinated Vulnerability Disclosure (CVD). In this series, we will discuss why CVD is an important part of the modern software development …

Read More

September 26, 2016 • By Garret Wassermann

In CERT/CC Vulnerabilities

How to Win Friends and Coordinate a Vulnerability

Discover new important, but simple, additions to the CERT/CC Vulnerability Analysis team's coordinated vulnerability disclosure (CVD) services.

Read More

March 8, 2016 • By Garret Wassermann

In CERT/CC Vulnerabilities