Computer Security Incident Response Team of Excellium Services

Excellium CSIRT: giving your organization effective incident response

Computer Security Incident Response Team of Excellium Services

Excellium CSIRT: giving your organization effective incident response

by webmestre

Excellium CSIRT: giving your organization effective incident response

DATA BREACH [n]: compromise of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to protected data transmitted, stored or otherwise processed (ISO/IEC 27040:2015)

 Going to Work for You

A Computer Security Incident Response team is a bit like the fire brigade, only instead of putting out fires, they help organizations contain, neutralize, and eradicate intrusions. Just as fire drills help to save lives if a real fire strikes, so careful preparation makes it easier to detect, handle and mitigate actual intrusions.

CERT banner Security Attack

Key Benefits of the Service

CERT-XLM consists of experts able to react in real-time to security incidents. Moreover, intelligent analysis of network and other data can greatly improve threat modeling, which in turn allows customers to develop more effective defences.

Key benefits of CERT-XLM include the following:

  • Improved cyber response capability,
  • Rapid and reliable outsourcing of incident management,
  • Better anticipation of threats,
  • Prevention of incident recurrence,
  • Strengthening human factor weaknesses in cyber security,
  • Improved cyber security maturity through better alignment of people, processes, and technology,
  • Being confident about your cyber security.

CERT-XLM is composed of highly experienced security experts who can handle sophisticated attacks and threats.

CERT-XLM gathers, aggregates, integrates and analyses intelligence feeds.

CERT-XLM also develops tools to identify threats to your infrastructure.

CERT-XLM is member of the CERT.LU initiative and an accredited member of Trusted Introducer.

CERT-XLM as Excellium has held PSF accreditation since 2016.


Mission statement

CERT-XLM is the Computer Security Incident Response Team (CSIRT) of Excellium Services S.A.

The purpose of the CERT-XLM is to assist Excellium customers located in Luxembourg and Belgium by implementing proactive measures to reduce the risks of computer security incidents.

CERT-XLM is also able to manage security incidents or second customer deployed team when such incidents occurs.

Communication and authentication

General rules

The preferred method for contacting the CERT-XLM is via e-mail. If you require urgent assistance, see the RFC2350 Document below for further information.

In view of the types of information that CERT-XLM deals with, telephones will be considered sufficiently secure to be used even unencrypted.

Unencrypted e-mail will not be considered particularly secure, but will be sufficient for the transmission of low-sensitivity data.

If it is necessary to send highly sensitive data (i.e. information classified as Confidential) by e-mail, encryption (preferably PGP) will be used.

All e-mail or data communication originating from CERT-XLM will be digitally signed, using either the generic PGP key mentioned below, or the CERT team members’ own signature keys available in the RFC 2350 document.

Electronic Mail Address

All incident report should be submitted to <CERT(at)excellium-services.com>. This is a mail alias that relays mail to the human(s) on duty for the CERT-XLM.

 Public Keys and Other Encryption Information

The CERT-XLM has a PGP key, whose KeyID is 0xD74E5AC0 . The Public key is available HERE

Advisory

The CERT-XLM publish advisory notes about vulnerabilities found in products during assessments.

Documents

Incident reporting form – Sig
RFC 2350 DocumentSig

Accreditation

CERT-XLM is an accredited CSIRT team of TF-CSIRT Trusted Introducer and member of the CERT.LU initiative

      Trusted Introducer Trusted Introducer

 

Security Consultant
Paul Jung
CONSULTANT

sales@excellium-services.com

Top