The CERT Coordination Center (CERT/CC) on certcc.github.io
Other Projects
We have other projects on GitHub as well. To see them, visit:
Welcome to the CERT® Coordination Center (CERT/CC) on certcc.github.io.
This site is the home of
the Stakeholder-Specific Vulnerability Categorization (SSVC) framework,
the Vultron Protocol,
and related projects.
The CERT Coordination Center (CERT/CC) is a part of the Software Engineering Institute (SEI) at Carnegie Mellon University.
Each link below will take you to a different project or resource.
The CERT Guide to Coordinated Vulnerability Disclosure
The CERT Guide to CVD is a comprehensive guide to the CVD process, which is the process of gathering information from vulnerability finders, coordinating the sharing of that information between relevant stakeholders, and disclosing the existence of software vulnerabilities and their mitigations to various stakeholders including the public.
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC is a risk-based prioritization framework that provides a method for modeling decisions about vulnerability response.
The Vultron Protocol
Vultron is a protocol for Coordinated Vulnerability Disclosure (CVD) that aims to provide interoperability across organizations' CVD processes. It is rooted in the CERT Guide to CVD and the SSVC framework.