CERT/CC Vulnerabilities
Blog Posts
The Essential Role of AISIRT in Flaw and Vulnerability Management
The SEI established the first Artificial Intelligence Security Incident Response Team (AISIRT) in 2023. This post discusses the role of AISIRT in coordinating flaws and vulnerabilities in AI systems.
Read More•By Lauren McIlvenny, Vijay S. Sarvepalli
In Artificial Intelligence Engineering
Protecting AI from the Outside In: The Case for Coordinated Vulnerability Disclosure
This post highlights lessons learned from applying the coordinated vulnerability disclosure (CVD) process to reported vulnerabilities in AI and ML systems.
Read More•By Allen D. Householder, Vijay S. Sarvepalli, Jeff Havrilla, Matt Churilla, Lena Pons, Shing-hon Lau, Nathan M. VanHoudnos, Andrew Kompanek, Lauren McIlvenny
In Securing AI
Vulnerabilities: Everybody’s Got One!
In this post, Leigh Metcalf describes how she pulled data from the malvuln project to explore recent vulnerabilities in both malware and non-malware to study the differences.
Read More•By Leigh B. Metcalf
In Security Vulnerabilities
ACM Digital Threats: Research and Practice
CERT/CC is very excited to announce a new journal in collaboration with ACM called ACM Digital Threats, Research and Practice. The journal (DTRAP) is a peer-reviewed journal....
Read More•By Leigh B. Metcalf
In Security Vulnerabilities
CVD Series: What is Coordinated Vulnerability Disclosure? (Part 1 of 9)
This is the first post in a series about Coordinated Vulnerability Disclosure (CVD). In this series, we will discuss why CVD is an important part of the modern software development …
Read More•By Garret Wassermann
In Security Vulnerabilities
The Report "Network Profiling Using Flow" Released
Hi, this is Austin Whisnant of the CERT Network Situational Awareness Team (NetSA). After a long time in the making, NetSA has published an SEI technical report on how to …
Read More•By Austin Whisnant
In Security Vulnerabilities
