CERT: Definition and additional resources from ZDNet

(Computer Emergency Response Team) A group of people in an organization who coordinate their response to breaches of security or other computer emergencies such as breakdowns and disasters. Other similar terms are CSIRT (Computer Security Incident Response Team), CIRT (Computer Incident Response Team) and IRT (Incident Response Team). CERT often refers to the CERT center at Carnegie Mellon University (see CERT/CC).

Countries also develop their own CERT agencies for national security (see US-CERT). See oCERT and vulnerability disclosure.

Reproduced with permission from Computer Desktop Encyclopedia.
Copyright (c) 1981-2008 The Computer Language Company Inc.
All rights reserved.

Additional Resources

Apple plugs 25 Mac OS X security vulnerabilities: Apple has shipped another Mac OS X monster update to fix a total of 25 documented vulnerabilities that could lead to arbitrary code execution attacks. With Security Update 2008-004, Apple fixes code execution flaws in Launch Services, SMB File Server, System Configuration, VPN and WebKit. ...; Tags: Security, Apple Macintosh, Apple Inc., Arbitrary Code Execution, Small And Medium Business, Apache Tomcat, Application Termination, Apple Mac OS X, Apple Mac OS, Smb/Sme, Operating Systems, Software, Ryan Naraine; Blog posts 2008-06-30
Exploit code released for unpatched IE 7 vulnerability: Another day, another gaping hole affecting fully patched versions of Microsoft's Internet Explorer browser. According to a warning from US-CERT, proof-of-concept exploit code has been published for a new zero-day bug that can be used for a variety of malicious attacks against Windows users running IE 6,...; Tags: Attacker, Vulnerability, Frame, Microsoft Internet Explorer 7, Domain, Exploit Code, Microsoft Internet Explorer, Web Page, Web Browsers, Internet, Ryan Naraine; Blog posts 2008-06-30
Zero-day flaw haunts Internet Explorer: An unpatched cross-domain vulnerability in Microsoft's flagship Internet Explorer browser could expose Windows users to cookie hijacks and credentials theft attacks, according to a warning from security researchers. The zero-day flaw, which has been reported to Microsoft, is a variation of Eduardo Vela's IE Ghost Busters talk:...; Tags: Microsoft Internet Explorer, Zero-day Bug, Web Browsers, Internet, Ryan Naraine; Blog posts 2008-06-26
About-face: Apple patches Safari 'carpet bombing' bug: In what amounts to a major about-face, Apple has patched the Safari "carpet bombing" vulnerability that led to a Safari-to-Internet Explorer remote code execution combo threat. After insisting for weeks that the issue is more of an irritant than a security risk, Apple today released Safari v3.1.2...; Tags: Apple Safari, Apple Inc., Microsoft Windows, Web Browsers, Web Site Development, Operating Systems, Security, Software, Internet, Ryan Naraine; Blog posts 2008-06-19
ActiveX control bug bites Creative Labs AutoUpdate engine: A high-severity security flaw in the Creative Software automatic update engine could put Windows computers at risk of remote code execution attacks, according to a warning from the US-CERT Computer Emergency Readiness Team. The vulnerability affects the software used to provide updates to Creative Labs' audio/video entertainment product line,...; Tags: Webcam, Zen, Automatic Update, Blaster Worm, ActiveX Control, Creative Labs Inc., ActiveX Control Bug, Create Software AutoUpdate Engine ActiveX Control, ActiveX/COM/COM+/DCOM, Patches, Viruses And Worms, Security, Software Development, Software/Web Development, Ryan Naraine; Blog posts 2008-05-30

Did Chinese copy unattended U.S. laptop?: Update: This article was corrected to indicate that the laptop in question was government owned and didn't belong to Commerce Sec. Carlos M. Gutierrez, who doesn't carry a laptop. News flash for high-ranking government officials visiting China: You just don't leave your laptop or PDA unattended –...; Tags: Associated Press, Beijing, Laptop Computer, PDAs, Government, Notebooks, Handhelds, Hardware, Notebooks & Tablets, Richard Koman; Blog posts 2008-05-30
McAfee partner isn't McAfee secure: McAfee partner isn't McAfee secureI don't know about all of you...but I think that certification image is pretty sexy. So the McAfee HackerSafe logo offers you passable increased business due to customers feeling more secure? HA! My cert covers that and sex appeal! Where you at...; Tags: Quality, McAfee Inc., McAfee Secure; Discussion threads 2008-05-20
Microsoft plugs Office leaks; Delivers 4 critical patches: Microsoft on Tuesday delivered four critical patches for vulnerabilities Office and Windows XP. There were six patches delivered. Here's a look by the CVE: CVE-2008-1091: Microsoft patched an object parsing vulnerability in Microsoft Word. Affected software includes Office 2000, 2003 and 2007. Microsoft explains:...; Tags: Microsoft Word, Attacker, Microsoft Office, Vulnerability, Patch Management, Microsoft Corp., Zero Day Initiative, Security, Larry Dignan; Blog posts 2008-05-13
News to know: Vista troubleshooting, RIM, XP SP3, Apple, SAP: Notable headlines: XP SP3: Now on Windows Update Ed Bott: Fixing Windows Vista, Part 3: Top Troubleshooting Tools [See Gallery] David Morgenstern: Is Mac OS X Leopard, Safari 3.x too dark? Larry Dignan: Cisco third...; Tags: Research In Motion Ltd., Microsoft Windows Update, Oracle Corp., Microsoft Zune, Microsoft Windows Vista, SAP AG, Apple Inc., Microsoft Corp., Microsoft Windows, Operating Systems, Microsoft Windows XP, Software, Larry Dignan; Blog posts 2008-05-07
Do we need another CERT?: Do we need another CERT?what linux/unix taking a queue from MShell hath frozen over!btw, doesnt red hat have an live update like system?Huh???How is this a page from MS? And by looking at the second question I'd have to wonder why you're even making comments about Linux.; Tags: CERT; Discussion threads 2008-05-06
Google launches CERT for open source: Google launches CERT for open sourceGoogle and FOSSLet's kill off MS, then we can all continue doing useful stuff without worrying about a knife in our back.RE: Google launches CERT for open sourceGreat move... makes complete sense....wonder what the AGPL folk are saying...I'm not saying Google is god or nothing...they...; Tags: Google Inc., Google launches CERT, Google Launches, open source; Discussion threads 2008-05-06
Google launches CERT for open source: Google on Tuesday detailed plans for oCERT, a volunteer workforce that will remediate security issues in open source applications. The move makes a ton of sense. Community driven software can have bugs and plenty of folks to find these vulnerabilities. The problem: There's no central group to...; Tags: Google Inc., CERT, oCERT, Open Source, Security, Larry Dignan; Blog posts 2008-05-06
Do we need another CERT?: Yes. Google's backing of oCERT is a major milestone in the history of open source. It's not that I have anything against the Computer Emergency Response TeamCERT at Carnegie-Mellon. They do important work, not only in identifying risks but in educating people on them. ...; Tags: Vulnerability, CERT, Windows Machine, Dana, Security, Open Source, Dana Blankenhorn; Blog posts 2008-05-06
Apple should call PayPal's bluff: Apple should call PayPal's bluffIsn't the larger point, ....... why wouldn't Apple simply comply? It would seem that anything that protects their customer's from fraud is a good thing. Why does it always have to be Apple's way or the highway?Blaming the victimThis is nothing more than pay-pal...; Tags: Cyberthreats, SSL/TLS, Authentication/Encryption, Spam, SECURITY, Operating systems, PayPal, Apple Inc., Apple Safari, operating system, phishing; Discussion threads 2008-04-18
320GB for less than $70. Am I dreaming?: 320GB for less than $70. Am I dreaming?Par for the courseI live in Dallas and Micro Center routinely has brand new 500 GB SATA-300 drives in the $105-115 range, so this really isn't that big a deal. Both are in the 21-24 cents per gigabyte range.(Hey, I can remember spending...; Tags: Memory, Flash memory price; Discussion threads 2008-04-01
Security metrics and issues: Security metrics and issuesGeneralizingThe problem is, the populations are self-selected and different.An example: people who decide to use Linux tend to be more technically sophisticated than people who use Windows. Technical sophistication increases the likelihood that the necessary steps will be taken to improve security. Therefore, Linux...; Tags: Operating systems, Linux Flaws, Microsoft Windows, security, Unix, Anton, Linux; Discussion threads 2008-03-25
XP SP3's due date is now anyone's guess: XP SP3's due date is now anyone's guessCan You Guys Get ANY Date Right?Get with the program!!!!Great BlogSummary:I thought I knew the Sp3 date, but now it's clear that MS will not release on schedule. It's so terrible that I know nothing of importance about the new schedule; MS isn't...; Tags: Microsoft Windows XP, XP SP3, SP3, Microsoft Corp., Microsoft Windows Vista; Discussion threads 2008-03-24
Security: Lintel vs Wintel: In the PC community "security" just means defending against attacks aimed at destroying or misusing all or part of a computer system. In that context most of the complexities associated with trying to decide whether wintel or lintel will expose you to less security risk arise from the absense of...; Tags: Wintel, Attacker, Vulnerability, Flaw, National Vulnerability Database, Petreley, Security, Paul Murphy; Blog posts 2008-03-24
Microsoft presses on regardless with OOXML SDK: Microsoft presses on regardless with OOXML SDKExcellent!And yeah, some MS bashers will whine, the rest of the world will move ahead.SpiteCan you really call it spite if people oppose a standard that actually contains a company's product's name? Seems like a fair enough objection to me.I'm Shocked![i]Durusau has an interesting...; Tags: Quality, Microsoft Corp., OOXML, OOXML SDK, SDK; Discussion threads 2008-03-13
IT salary survey: Not all technical certs created equal: IT salary survey: Not all technical certs created equalNo Apple certs?I wish some Apple Certs were in this survey :-)RE: IT salary survey: Not all technical certs created equalCerts aren't needed. A 4 year degree, wide ranging experience, and continuing education are all that are needed. This is...; Tags: Quality, Strategy, certification, technical cert, IT Salary Survey, information technology, Apple Certs; Discussion threads 2008-03-06