This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact firstname.lastname@example.org if you have any questions about the US-CERT website archive.
Describes the kinds of security risks that can be present in legacy systems, both in-house and commercial off-the-shelf (COTS), and offers guidance for assessing those risks and making sound decisions about addressing them.