-
ENISA CSIRT Maturity Framework - Updated and improved
This document presents the updated and improved version of ENISA’s Computer Security Incident Response Teams (CSIRT) Maturity Framework that is intended to contribute to the enhancement of the capacity to manage cyber incidents, with a focus on...
Published on February 23, 2022 -
Situational Report on Microsoft Exchange Vulnerabilities
This ENISA situation report provides an assessment as well as advice and mitigation measures for the MS Exchange vulnerabilities. The threat for the new updates has been assessed as severe and ENISA considers attacks probable and of high risk. The...
Published on March 19, 2021 -
Proactive detection - Good practices gap analysis recommendations
The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident...
Published on May 26, 2020 -
Proactive detection – Measures and information sources
The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident...
Published on May 26, 2020 -
Proactive detection – Survey results
The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident...
Published on May 26, 2020 -
An overview on enhancing technical cooperation between CSIRTs and LE
This report aims to support the cooperation between CSIRTs - in particular, national and governmental CSIRTs, LEAs and the Judiciary – in particular, prosecutors and judges, in their fight against cybercrime, by providing information on the...
Published on May 07, 2020 -
Roadmap on the cooperation between CSIRTS and LE
The purpose of this roadmap is to further explore the cooperation across computer security incident response teams (CSIRTs) in particular with national and governmental - law enforcement (LE) and the Judiciary (prosecutors and judges). This roadmap...
Published on April 02, 2020 -
ENISA CSIRT maturity assessment model
This is the updated version of the "Challenges for National CSIRTs in Europe in 2016: Study on CSIRT Maturity" published by ENISA in 2017. The study takes all relevant information sources into account, with a special emphasis on the NIS Directive...
Published on April 30, 2019 -
ENISA Maturity Evaluation Methodology for CSIRTs
This is the updated version of the "Study on CSIRT Maturity – Evaluation Process" published by ENISA in 2017. The new version (v.2) reflects values that are consistent with other documents and studies on CSIRT maturity.
Published on April 09, 2019 -
Study on CSIRT landscape and IR capabilities in Europe 2025
The objective of this study is to help ENISA identify and draw conclusions about the recent and current evolution of CSIRTs and IR capabilities in Europe towards 2025. Building on the existing knowledge gathered in the European CSIRT inventory, this...
Published on February 06, 2019 -
Maturity Reference for CSIRTs – Executive Summary
The target audience for this study is primarily the middle management layer in the CSIRTs, responsible for increasing the team’s maturity. The study will help them to more easily and quickly implement real maturity improvement, following...
Published on January 15, 2018 -
NIS Directive and national CSIRTs
This is an informative note on what provisions of the upcoming NIS Directive might mean for CSIRTs. It contains references to parts of the Directive, and some comments and proposals from our side. By no means we consider this document fix or final...
Published on February 26, 2016 -
CSIRT Capabilities. How to assess maturity? Guidelines for national and governmental CSIRTs
This report focuses on the maturity of national and governmental Computer Security and Incident Response Teams (CSIRTs) and the Trusted Introducer1 certification scheme for CSIRTs as an indicator of the maturity level of teams. The issues covered...
Published on January 11, 2016 -
ENISA’s CSIRT-related capacity building activities
This report represents the update of an impact assessment of ENISA’s support to CSIRTs in 2014. This updated assessment serves as a basis for a proposed roadmap to 2020. The impact of the ENISA support to the CSIRT community was assessed from a...
Published on November 12, 2015 -
National/governmental CERTs - ENISA's recommendations on baseline capabilities
Having a national / governmental CERTs in place that fulfils the requirements for ’baseline capabilities’ as defined in this document is essential for CIIP in all Member States. However these teams should not be considered as the one and only...
Published on March 20, 2015 -
Impact Analysis and Roadmap
This report represents the outcome of an impact assessment of ENISA’s support to Computer Emergency Response Teams (CERTs) for the period 2005 until today. The impact assessment has served as a basis for a proposed roadmap to 2020. The key...
Published on December 01, 2014 -
CERT community - Recognition mechanisms and schemes
This document provides an overview of existing mechanisms supporting Computer Emergency Response Teams (CERTs) to deploy capabilities necessary for their operations and their maturity level. It introduces these mechanisms according to the CERT...
Published on December 12, 2013 -
Baseline Capabilities of n/g CERTs - Updated Recommendations 2012
This document lists updated set of recommendations on gaps and shortcomings identified in the Status Report 2012. The number of gaps and shortcomings that still need to be addresssed in order for n/g CERTs to fully meet their baseline capabilities...
Published on December 17, 2012 -
Deployment of Baseline Capabilities of n/g CERTs - Status Report 2012
This document will familiarise the reader with the current situation in Europe with regards to the n/g CERTs' capabilities, and how these capabilities are deployed.
Published on December 17, 2012 -
Introduction to Return on Security Investment
As for any organization, CERTs need to measure their cost-effectiveness, to justify their budget usage and provide supportive arguments for their next budget claim. But organizations often have difficulties to accurately measure the effectiveness...
Published on December 12, 2012 -
A flair for sharing - encouraging information exchange between CERTs
This study focuses on the legal and regulatory aspects of information sharing and cross-border collaboration of national/governmental CERTs in Europe.
Published on December 16, 2011 -
CSIRT Setting up Guide in Hindi
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on March 08, 2011 -
CSIRT Setting up Guide in Chinese
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on March 08, 2011 -
CSIRT Setting up Guide in Swedish
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Slovenian
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Romanian
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Slovak
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Portugese
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Dutch
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Polish
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Maltese
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Lithuanian
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Latvian
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Italian
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Hungarian
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Irish
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Finnish
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Estonian
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Greek
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Danish
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Czech
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
CSIRT Setting up Guide in Bulgarian
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2010 -
Baseline Capabilities of National/Governmental CERTs (Part 2 Policy Recommendations)
This document constitutes a very first attempt to define policy recommendations of capabilities that a Computer Emergency Response Team (CERT) in charge of protecting critical information infrastructure (CIIP) in the Member States should possess to...
Published on December 17, 2010 -
Baseline capabilities for national / governmental CERTs (Part 1 Operational Aspects)
This document constitutes a very first attempt to define a minimum set of capabilities that a Computer Emergency Response Team (CERT) in charge of protecting critical information infrastructure (CIIP) in the Member States should possess to take part...
Published on December 15, 2009 -
A basic collection of good practices for running a CSIRT
Basic set of good practice on how to successfully run a Computer Security and Incident Response team (CSIRT).
Published on December 22, 2007 -
CSIRT Setting up Guide in Russian
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2006 -
CSIRT Setting up Guide in French
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2006 -
CSIRT Setting up Guide in Spanish
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2006 -
CSIRT Setting up Guide in German
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2006 -
CSIRT Setting up Guide in English
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Published on December 22, 2006 -
CERT cooperation and its further facilitation by relevant stakeholders
The document at hand is dedicated to the cooperation among CERTs and similar entities. It is the first document of its kind, and not only tells the story of cooperation in Europe and beyond, but that also tries to summarise the lessons learned and...
Published on December 01, 2006
Browse the Topics