search menu icon-carat-right cmu-wordmark

SEI Cyber Minute: Security Engineering Risk Analysis

Chris Alberts introduces the Security Engineering Risk Analysis (SERA) method, which can help your organization control the most significant cybersecurity risks it faces.

Software Engineering Institute



The SERA method, developed by the SEI’s CERT Division, incorporates many models that you can analyze at any point in the software acquisition or development lifecycle to identify cybersecurity risk scenarios. Those scenarios can help your organization identify the most significant risks it faces so you can focus your organization’s limited resources effectively. We have successfully piloted the SERA method at several government organizations where we have identified and corrected significant risks.