• Reference Incident Classification Taxonomy

    This taxonomy resulted from collaboration initiatives such as the annual ENISA/EC3 Workshop which involved CSIRTs, LEAs, ENISA, and EC3. Other examples include the eCSIRT.net taxonomy2 which was developed in 2003, and the eCSIRT.net mkVI taxonomy3...

    Published on January 26, 2018
  • A good practice guide of using taxonomies in incident prevention and detection

    The aim of this document is to provide good practices on using taxonomies for incident detection and prevention by taking into account the input received from the CSIRT community and relevant information from previous ENISA studies. In addition, it...

    Published on January 30, 2017
  • Strategies for incident response and cyber crisis cooperation

    This document was prepared for the NIS Platform WG2 members introducing the main functions of CSIRTs from incident handling to crisis coordination – a high-level summary of the basics of incident response based on ENISA’s previous work on CSIRTs...

    Published on August 25, 2016
  • Good Practice Guide on Vulnerability Disclosure. From challenges to recommendations

    Vulnerabilities are ‘flaws’ or ‘mistakes’ in computer-based systems that may be exploited to compromise the network and information security of affected systems. They provide a point-of-entry or gateway to exploit a system and as such pose...

    Published on January 18, 2016
  • Standards and tools for exchange and processing of actionable information

    This document has been created as part of an ENISA-funded study of the state of security information sharing and is intended to supplement the main report, “Actionable Information for Security Incident Response.” The purpose of this document is...

    Published on January 19, 2015
  • Actionable information for security incident response

    This document is intended as a good practice guide for the exchange and processing of actionable information. The report is relevant to incident response in all types of organizations, the primary audience of this study isnational and governmental...

    Published on January 19, 2015
  • Alerts-Warnings-Announcements

    This guide complements the existing set of ENISA guides that support Computer Emergency Response Teams (CERTs, also known as CSIRTs). It describes good practices and provides practical information and guidelines for the process of preparing and...

    Published on November 21, 2013
  • EISAS Large-Scale Pilot - Collaborative Awareness Raising for EU Citizens & SMEs

    To continually raise the level of cyber security awareness of all citizens and businesses, the European Commission decided to promote a collaborative approach for awareness raising in Europe. Introduced in 2006, EISAS, the European Information...

    Published on December 13, 2012
  • Proactive detection of security incidents II - Honeypots

    An increasing number of complex attacks demand improved early warning detection capabilities for CERTs. By having threat intelligence collected without any impact on production infrastructure, CERTs can better defend their constituencies assets...

    Published on November 22, 2012
  • EISAS - Enhanced Roadmap 2012

    The EISAS Enhanced Roadmap 2012 take account of the results of the EISAS Large scale pilot and foresee the next steps required for a full deployment of EISAS in the EU.

    Published on October 13, 2012
  • CERT Operational Gaps and Overlaps

    This document analyses the operational gaps and overlaps of national/governmental CERTs and provides some reccomendations. Recommendations made in this report represent the results of the analysis of input gathered from the relevant external...

    Published on December 20, 2011
  • Proactive detection of network security incidents, CERT survey analysis

    This is Appendix II to the report on proactive detection of network security incidents. It contains analysis of the CERT survey which was part of the project

    Published on December 07, 2011
  • Proactive detection of network security incidents, report

    This report describes available external sources of information and internal monitoring tools which can be used by CERTs to improve their capabilities to detect network security incidents.

    Published on December 07, 2011
  • Good Practice Guide for Incident Management

    This guide complements the existing set of ENISA guides that support Computer Emergency Response Teams. It describes good practices and provides practical information and guidelines for the management of network and information security incidents...

    Published on December 20, 2010

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information