CERT/CC 2003 Annual Report

Our specific mission is to provide a comprehensive view of attack methods, vulnerabilities, and the impact of attacks on information systems and networks; provide information on incident and vulnerability trends and characteristics build an infrastructure of increasingly competent security professionals who respond quickly to attacks on Internet-connected systems and are able to protect their systems against security compromises provide methods to evaluate, improve, and maintain the security and survivability of networked systems work with vendors to improve the security of as-shipped products. The CERT/CC is part of the Networked Systems Survivability (NSS) Program at the Software Engineering Institute (SEI), Carnegie Mellon University. The primary goal of the NSS Program is to ensure that appropriate technology and systems management practices are used to resist attacks on networked systems and to limit damage and ensure continuity of critical services in spite of successful attacks. The program's main areas of activity for 2003 included survivable enterprise management, analysis, security incident and vulnerability handling and analysis, and training.