• ENISA CSIRT Maturity Framework - Updated and improved

    This document presents the updated and improved version of ENISA’s Computer Security Incident Response Teams (CSIRT) Maturity Framework that is intended to contribute to the enhancement of the capacity to manage cyber incidents, with a focus on...

    Published on February 23, 2022

  • Situational Report on Microsoft Exchange Vulnerabilities

    This ENISA situation report provides an assessment as well as advice and mitigation measures for the MS Exchange vulnerabilities. The threat for the new updates has been assessed as severe and ENISA considers attacks probable and of high risk. The...

    Published on March 19, 2021

  • Proactive detection - Good practices gap analysis recommendations

    The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident...

    Published on May 26, 2020

  • Proactive detection – Measures and information sources

    The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident...

    Published on May 26, 2020

  • Proactive detection – Survey results

    The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident...

    Published on May 26, 2020

  • An overview on enhancing technical cooperation between CSIRTs and LE

    This report aims to support the cooperation between CSIRTs - in particular, national and governmental CSIRTs, LEAs and the Judiciary – in particular, prosecutors and judges, in their fight against cybercrime, by providing information on the...

    Published on May 07, 2020

  • Roadmap on the cooperation between CSIRTS and LE

    The purpose of this roadmap is to further explore the cooperation across computer security incident response teams (CSIRTs) in particular with national and governmental - law enforcement (LE) and the Judiciary (prosecutors and judges). This roadmap...

    Published on April 02, 2020

  • ENISA CSIRT maturity assessment model

    This is the updated version of the "Challenges for National CSIRTs in Europe in 2016: Study on CSIRT Maturity" published by ENISA in 2017. The study takes all relevant information sources into account, with a special emphasis on the NIS Directive...

    Published on April 30, 2019

  • ENISA Maturity Evaluation Methodology for CSIRTs

    This is the updated version of the "Study on CSIRT Maturity – Evaluation Process" published by ENISA in 2017. The new version (v.2) reflects values that are consistent with other documents and studies on CSIRT maturity.

    Published on April 09, 2019

  • Study on CSIRT landscape and IR capabilities in Europe 2025

    The objective of this study is to help ENISA identify and draw conclusions about the recent and current evolution of CSIRTs and IR capabilities in Europe towards 2025. Building on the existing knowledge gathered in the European CSIRT inventory, this...

    Published on February 06, 2019

  • Maturity Reference for CSIRTs – Executive Summary

    The target audience for this study is primarily the middle management layer in the CSIRTs, responsible for increasing the team’s maturity. The study will help them to more easily and quickly implement real maturity improvement, following...

    Published on January 15, 2018

  • NIS Directive and national CSIRTs

    This is an informative note on what provisions of the upcoming NIS Directive might mean for CSIRTs. It contains references to parts of the Directive, and some comments and proposals from our side. By no means we consider this document fix or final...

    Published on February 26, 2016

  • CSIRT Capabilities. How to assess maturity? Guidelines for national and governmental CSIRTs

    This report focuses on the maturity of national and governmental Computer Security and Incident Response Teams (CSIRTs) and the Trusted Introducer1 certification scheme for CSIRTs as an indicator of the maturity level of teams. The issues covered...

    Published on January 11, 2016

  • ENISA’s CSIRT-related capacity building activities

    This report represents the update of an impact assessment of ENISA’s support to CSIRTs in 2014. This updated assessment serves as a basis for a proposed roadmap to 2020. The impact of the ENISA support to the CSIRT community was assessed from a...

    Published on November 12, 2015

  • National/governmental CERTs - ENISA's recommendations on baseline capabilities

    Having a national / governmental CERTs in place that fulfils the requirements for ’baseline capabilities’ as defined in this document is essential for CIIP in all Member States. However these teams should not be considered as the one and only...

    Published on March 20, 2015

  • Impact Analysis and Roadmap

    This report represents the outcome of an impact assessment of ENISA’s support to Computer Emergency Response Teams (CERTs) for the period 2005 until today. The impact assessment has served as a basis for a proposed roadmap to 2020. The key...

    Published on December 01, 2014

  • CERT community - Recognition mechanisms and schemes

    This document provides an overview of existing mechanisms supporting Computer Emergency Response Teams (CERTs) to deploy capabilities necessary for their operations and their maturity level. It introduces these mechanisms according to the CERT...

    Published on December 12, 2013

  • Baseline Capabilities of n/g CERTs - Updated Recommendations 2012

    This document lists updated set of recommendations on gaps and shortcomings identified in the Status Report 2012. The number of gaps and shortcomings that still need to be addresssed in order for n/g CERTs to fully meet their baseline capabilities...

    Published on December 17, 2012

  • Deployment of Baseline Capabilities of n/g CERTs - Status Report 2012

    This document will familiarise the reader with the current situation in Europe with regards to the n/g CERTs' capabilities, and how these capabilities are deployed.

    Published on December 17, 2012

  • Introduction to Return on Security Investment

    As for any organization, CERTs need to measure their cost-effectiveness, to justify their budget usage and provide supportive arguments for their next budget claim. But organizations often have difficulties to accurately measure the effectiveness...

    Published on December 12, 2012

  • A flair for sharing - encouraging information exchange between CERTs

    This study focuses on the legal and regulatory aspects of information sharing and cross-border collaboration of national/governmental CERTs in Europe.

    Published on December 16, 2011

  • CSIRT Setting up Guide in Hindi

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on March 08, 2011

  • CSIRT Setting up Guide in Chinese

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on March 08, 2011

  • CSIRT Setting up Guide in Swedish

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Slovenian

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Romanian

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Slovak

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Portugese

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Dutch

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Polish

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Maltese

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Lithuanian

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Latvian

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Italian

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Hungarian

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Irish

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Finnish

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Estonian

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Greek

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Danish

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Czech

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • CSIRT Setting up Guide in Bulgarian

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2010

  • Baseline Capabilities of National/Governmental CERTs (Part 2 Policy Recommendations)

    This document constitutes a very first attempt to define policy recommendations of capabilities that a Computer Emergency Response Team (CERT) in charge of protecting critical information infrastructure (CIIP) in the Member States should possess to...

    Published on December 17, 2010

  • Baseline capabilities for national / governmental CERTs (Part 1 Operational Aspects)

    This document constitutes a very first attempt to define a minimum set of capabilities that a Computer Emergency Response Team (CERT) in charge of protecting critical information infrastructure (CIIP) in the Member States should possess to take part...

    Published on December 15, 2009

  • A basic collection of good practices for running a CSIRT

    Basic set of good practice on how to successfully run a Computer Security and Incident Response team (CSIRT).

    Published on December 22, 2007

  • CSIRT Setting up Guide in Russian

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2006

  • CSIRT Setting up Guide in French

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2006

  • CSIRT Setting up Guide in Spanish

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2006

  • CSIRT Setting up Guide in German

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2006

  • CSIRT Setting up Guide in English

    The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.

    Published on December 22, 2006

  • CERT cooperation and its further facilitation by relevant stakeholders

    The document at hand is dedicated to the cooperation among CERTs and similar entities. It is the first document of its kind, and not only tells the story of cooperation in Europe and beyond, but that also tries to summarise the lessons learned and...

    Published on December 01, 2006

Didn't find what you were looking for?

Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies