ONSITE • REMOTE • ONLINE • CLOUD
One eSecurity's CERT/CSIRT Service offers our clients our knowledge and experience for the establishment or improvement of Computer Security Incident Response Teams (CERT/CSIRT).
Our team will work together with our clients on the definition, integration and evolution of the following five vital CERT/CSIRT components:
Our experienced team has been working on the implementation and improvement of CSIRT services for more than 10 years, and has been actively involved in the evolution of this community up to the present FIRST CSIRT Services Framework, the de facto standard.
Both during the definition phase of a new CERT/CSIRT and during its implementation, it is important to think about the services, the evolution of the team, and its maturity. For that purpose One eSecurity uses SIM3 (Security Incident Management Maturity Model) as a reference. This model has parameters grouped in 4 categories:
Based on One eSecurity's experience and international best practices, we usually approach CERT/CSIRT projects in two main phases:
Planning Phase
- Definition
- Establishment
- Scope
- Organization and HR

Implementation Phase
- Human Resources selection
- Training
- IT facilities and infrastructure
- Operational policies and procedures
A Team of leaders in the field of CERT/CSIRT
Our team is made up of experts with 15 years of experience working in leading roles in several CERT/CSIRTs across different sectors and economies. In addition to this CERT/CSIRT experience, our team is structured into Emergency Incident Response, Digital Forensics, Cyber Threat Intelligence and Threat Hunting departments that will analyze and investigate any threat detected.
For a CERT/CSIRT it is important to have an experienced team that is comfortable and confident in high-pressure situations during an incident. The One eSecurity Emergency Incident Response Team has worked with some of the largest enterprises in the world, and responded to some of the most devastating and high-profile cyber attacks of recent times.
Flexibility
One eSecurity experts have been involved in the design and creation of several CERT/CSIRT teams in different sectors (banking, energy, government, national). This is important because every company or government has its own requirements. This service offers our clients the flexibility to integrate with their current capacities, and to improve them, in any part of the world.
Integration
A CERT/CSIRT team needs to be integrated with existing cybersecurity capabilities, including people, processes and tools. Our team has worked in different environments and, based on our experience, we will make sure our processes are integrated with the client's existing processes and infrastructure.
CERT/CSIRT community
One eSecurity experts have been involved in the CERT/CSIRT community for the last 15 years, with strong relationships and contacts worldwide. Drawing on that time, our team can offer extensive experience across the CERT/CSIRT communities worldwide, as its members have been involved in community-building projects at national and international levels.
Emergency Incident Response | Threat Hunting | Cyber Threat Intelligence |
---|---|---|
One eSecurity Emergency Incident Response is aimed at clients who need agile response and support when a security incident happens. | Our Threat Hunting service combines the analytic capacity of our most experienced experts with the power and automation of our Hunting Framework, offering a continuous and proactive threat search process in both networks and systems. | The Cyber Threat Intelligence service by One eSecurity provides (both internally and for clients) knowledge and information on key threats for decision-making and forecasts of risk situations on IT systems and networks. |