CSIRT

COMPUTER SECURITY INCIDENT RESPONSE TEAM

  • Member of the CERT.LU initiative
  • Email address of the POST Cyberforce CSIRT team <csirt(at)post.lu> (PGP key)
  • PGP Fingerprint of our emergency address: 6586 B96E D307 700C 3034 75C6 B6B3 D39C 1C94 BB50
  • ISO 27001/27035 standards oriented
  • Document RFC 2350 | (sig)

Our missions

The missions of our POST Cyberforce CSIRT are to manage security incidents and thus protect our customers on time. We protect our customers by:

  • Preparing, Elucidating, Analyzing, Containing and Eradicating (PEACE) cyberattacks
  • Recovering and reinstating services
  • Learning lessons from incidents and continuously improving and preparing to face new attacks as a loop

Reactive services: act when security incidents happen

  • Report acceptance
  • Analysis
  • Evidence collection
  • Mitigation and Recovery
  • Coordination center
  • Crisis management support

Proactive services: act before security incidents happen

Data acquisition

  • Policy distillation and guidance
  • Data collection (feeds, IOCs)

Analysis and synthesis

  • Threat state modeling
  • Threat alerting and hunting

Communication

  • Reporting and recommendations
  • Information sharing

Quality management: Lessons learned after security incidents happen and better prepare before security incidents happen

  • Awareness Building
  • Trainings and Education
  • Exercices
  • Technical advisory

CyberSOS, our CSIRT as a Service

With CyberSOS, we offer you a full protection against cyber threats. CyberSOS covers you, your business, your employees and your IT with assistance services in case of security incidents. (phishing, SPAM, SCAM, Malicious code, Brand security, Data breach, Ransomware…).

The benefits of CyberSOS:

  • CyberSOS: detection, information & remediation
  • Available 24/7
  • Fast and effective reactivity in incident response
  • Trusted by multiple groups and sectors
  • Compliant with ISO standards (27001/27035)
  • Compliant with security standards (ENISA, MITRE ATT&CK, etc...)

How to report a security incident?

PGP Fingerprint : F787 796B B0EA 7CF1 AA9F B493 16B0 8428 48A7 4DEF
It is recommended to fill this form | (sig) to report a security incident