SEI Insights

Category: Best Practices

 The Risks of Google Sign-In on iOS Devices

By on

The Google Identity Platform is a system that allows you to sign in to applications and other services by using your Google account. Google Sign-In is one such method for providing your identity to the Google Identity Platform. Google Sign-In...

 Bypassing Application Whitelisting

By on

Application whitelisting is a useful defense against users running unapproved applications. Whether you're dealing with a malicious executable file that slips through email defenses, or you have a user that is attempting to run an application that your organization has...

 Who Needs to Exploit Vulnerabilities When You Have Macros?

By on

Recently, there has been a resurgence of malware that is spread via Microsoft Word macro capabilities. In 1999, CERT actually published an advisory about the Melissa virus, which leveraged macros to spread. We even published an FAQ about the Melissa...

 Supporting the Android Ecosystem

By on

A few months ago, a widely-publicized set of vulnerabilities called StageFright hit the Android ecosystem. While Google fixed the vulnerabilities in what appears to be a reasonable amount of time, the deployment of those fixes to end-user devices is another...

 "Four Insider IT Sabotage Mitigation Patterns and an Initial Effectiveness Analysis" Paper Released

By on

Hello, this is Matt Collins of the CERT Insider Threat Center. We are pleased to announce the publication of our paper "Four Insider IT Sabotage Patterns and an Initial Effectiveness Analysis." The paper describes four mitigation patterns of insider IT...

 International Considerations for Cybersecurity Best Practices

By on

Hi! We are Lori Flynn and Carly Huth, CERT cybersecurity researchers. This post is about our recently published paper that describes how strategies for implementing international cybersecurity best practice should account for five factors: technology profile, laws and regulations, law...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 19 (of 19)

By on

Hello, this is Derrick Spooner, Cyber Threat Solutions Engineer for the CERT Program, with the last of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats....

 Common Sense Guide to Mitigating Insider Threats - Best Practice 18 (of 19)

By on

Hello, this is Randy Trzeciak, Technical Team Lead of Research in the CERT Insider Threat Center, with the eighteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 17 (of 19)

By on

Hello, this is Daniel Costa, Cyber Security Solutions Developer for the CERT Program, with the seventeenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats....

 Common Sense Guide to Mitigating Insider Threats - Best Practice 16 (of 19)

By on

Hello, this is George J. Silowash, Cybersecurity Threat and Incident Analyst and Lori Flynn, Insider Threat Researcher for the CERT Program, with the sixteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 15 (of 19)

By on

Hello, this is Randy Trzeciak, Technical Team Lead of Research in the CERT Insider Threat Center, with the fifteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 14 (of 19)

By on

Hello, this is Eleni Tsamitis, Insider Threat Administrator for the CERT Program, with the fourteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 13 (of 19)

By on

Hello, this is Ying Han, Graduate Research Assistant of the CERT Enterprise Threat and Vulnerability Management team, with the thirteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 12 (of 19)

By on

Hello, this is Sam Perl, Cybersecurity Analyst for the CERT Program, with the twelfth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 11 (of 19)

By on

Hello, this is Todd Lewellen, Cybersecurity Threat and Incident Analyst for the CERT Program, with the eleventh of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 10 (of 19)

By on

Hello, this is Marcus Smith, a graduate assistant for the CERT Program, with the tenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 9 (of 19)

By on

Hello, this is Mike Albrethsen, Information Systems Security Analyst for the CERT Program, with the ninth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats....

 Common Sense Guide to Mitigating Insider Threats - Best Practice 8 (of 19)

By on

Hello, this is Jeremy Strozer, Senior Cyber Security Specialist for the CERT Program, with the eighth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats....

 Common Sense Guide to Mitigating Insider Threats - Best Practice 7 (of 19)

By on

Hi, this is Chris King, Member of the Technical Staff for the CERT Program, with the seventh of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider...

 Common Sense Guide to Mitigating Insider Threats - Best Practice 6 (of 19)

By on

Hello, this is Jason Clark, Insider Threat Researcher for the CERT Program, with the sixth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The...