You are here: Home Our Activities CERT Support Setting-up guide Workflows
Personal tools
 

Workflows

Examples of Operational and Technical Procedures (Workflows) 


We have taken the following steps so far:


  1. Understanding what a CSIRT is and what benefits it might provide. 
  2. To what sector will the new team deliver its services to? 
  3. What kinds of services a CSIRT can provide to its constituency. 
  4. Analysis of the environment and constituents. 
  5. Defining the mission statement. 
  6. Developing the Business Plan.

    • a. Defining the financial model. 
    • b. Defining the organisational structure. 
    • c. Starting to hire staff. 
    • d. Utilising and equipping the office. 
    • e. Developing an Information security policy 
    • f. Looking for cooperation partners. 
    

  7. Promoting the Business Plan.

    • a. Have the business case approved. 
    • b. Fit everything into a project plan. 
    





>> The next step is: making the CSIRT operational

Having well defined workflows in place will improve the quality and the needed time per incident or vulnerability case.

As described in the example boxes, Fictitious CSIRT will offer the basic CSIRT coreservices:

  • Alerts and Warnings
  • Incident Handling
  • Announcements

This section provides examples of workflows that describe the core-services of a CSIRT.

This section also contains information about collecting information from different sources, checking it on relevance and authenticity and redistributing it to the constituency. And finally this section contains examples of the most basic procedures and specific CSIRT tooling.

 
videos

 

CERT exercise video

View or download
the CERT Exercise video

related sites

logo cert eu
CERT-EU

logo apcert
Asian Pacific CERT

logo cert
CERT Coordination Centre

logo first
FIRST

logo nato
NATO CIRC

logo terena
Terena TF-CSIRT

logo ti
Trusted Introducer

 
IPv6 ready - http://www.ipv6forum.com/