oCERT €“ A Dead Cert for Security


One of the best-known acronyms in computer security is CERT: Carnegie Mellon University's Computer Emergency Response Team. Now we have oCERT:

The oCERT project is a public effort providing security handling support to Open Source projects affected by security incidents or vulnerabilities, just like national CERTs offer services for their respective countries.

The service aims to help both large infrastructures, like major distributions, and smaller projects that can't afford a full-blown security team and/or security resources. This means aiding coordination between distributions and small project contacts. The goal is to reduce the impact of compromises on small projects with little or no infrastructure security, avoiding the ripple effect of badly communicated or handled compromises, which can currently result in distributions shipping code which has been tampered with.

oCERT also provides security vulnerability mediation for the security community, having reliable security contacts between registered projects and reporters that need to get in touch with a specific project regarding infrastructure security issues.

Last but not least oCERT provides aid with security vulnerability research and assessment.

"Recommended For You"

Virut botnet crippled by security researchers Lithuania hit by pro-Soviet hacking attack