CERT
Blog Posts
Security Analytics: Tracking Proxy Bypass
This post describes how to track the amount of network traffic that is evading security proxies for services that such proxies are expected to cover.
• By Tim Shimeall
In Cybersecurity Engineering

Using Machine Learning to Increase the Fidelity of Non-Player Characters in Training Simulations
Use of machine-learning (ML) modeling and a suite of software tools to create decision-making preferences that make non-player characters (NPCs) more realistic in simulations.
• By Dustin Updyke, Thomas Podnar, Geoffrey Dobson, John Yarger
In Cyber Workforce Development


DNS Over HTTPS: 3 Strategies for Enterprise Security Monitoring
DNS over HTTPS (DoH) can impair enterprise network visibility and security by bypassing traditional DNS monitoring and protections. In this post, I'll provide enterprise defenders three strategies for security monitoring …
• By Sean Hutchison
In Cybersecurity Engineering

Generating Realistic Non-Player Characters for Training Cyberteams
Since 2010, researchers in the SEI CERT Division have emphasized the crucial need for realism within cyberteam training and exercise events. In this blog post, we describe efforts underway to …
• By Dustin Updyke, Tyler Brooks
In Cyber Workforce Development


Balancing Cyber Confidence and Privacy Concerns
An important part of an organization's cybersecurity posture includes the monitoring of network traffic for proactive cyber defense. The trend toward implementing network protocols designed to improve personal privacy is …
• By William Reed, Dustin Updyke
In Enterprise Risk and Resilience Management


Six Free Tools for Creating a Cyber Simulator
It can be hard for developers of cybersecurity training to create realistic simulations and training exercises when trainees are operating in closed (often classified) environments with no ability to connect …
• By Joseph Mayes
In Cyber Workforce Development

Evaluating Threat-Modeling Methods for Cyber-Physical Systems
Addressing cybersecurity for a complex system, especially for a cyber-physical system of systems (CPSoS), requires a strategic approach during the entire lifecycle of the system....
• By Nataliya Shevchenko
In Enterprise Risk and Resilience Management

Improving Assessments for Cybersecurity Training
The CERT Cyber Workforce Development Directorate conducts training in cyber operations for the DoD and other government customers as part of its commitment to strengthen the nation's cybersecurity workforce....
• By April Galyardt
In Artificial Intelligence Engineering

Threat Modeling: 12 Available Methods
Almost all software systems today face a variety of threats, and the number of threats grows as technology changes....
• By Nataliya Shevchenko
In Enterprise Risk and Resilience Management

IPv6 Adoption: 4 Questions and Answers
IPv6 deployment is on the rise. Google reported that as of July 14, 2018, 23.94 percent of users accessed its site via IPv6, up 6.16 percent from that same date …
• By Joseph Mayes
In Secure Development
