Security and Ontology Resources
• Collection
Publisher
Software Engineering Institute
Topic or Tag
Abstract
We are aware of the need for controlled vocabularies, taxonomies, and ontologies to make progress toward a science of cybersecurity. SEI researchers are addressing this gap by developing the discipline's first common vocabulary.
Collection Items
An Incident Management Ontology
• Conference Paper
By Dave Mundie, Robin Ruefle, Audrey J. Dorofee, John McCloud, Samuel J. Perl, Matthew L. Collins
In this paper, the authors describe the shortcomings of the incident management meta-model and how an incident management ontology addresses those shortcomings.
Read
Building an Incident Management Body of Knowledge
• White Paper
By Dave Mundie, Robin Ruefle
In this paper, the authors describe the components of the CERT Incident Management Body of Knowledge (CIMBOK) and how they were constructed.
Read
The MAL: A Malware Analysis Lexicon
• Technical Note
By Dave Mundie, David McIntire
In this report, the authors present results of the Malware Analysis Lexicon (MAL) initiative, which developed the first common vocabulary for malware analysis.
Read
Using a Malware Ontology to Make Progress Towards a Science of Cybersecurity
• Podcast
By Dave Mundie, Julia H. Allen
In this podcast, Dave Mundie explains why a common language is essential to developing a shared understanding to better analyze malicious code.
Listen
FAQ: Collaboration Between the CERT Coordination Center and Computer Security Incident Response Teams Worldwide
• Brochure
By Software Engineering Institute
This FAQ answers questions related to the collaboration between the CERT/CC and CSIRTs worldwide.
Learn MorePart of a Collection
CSIRT Resources