CSIRT teams in 2015

Among CSIRT/CERT teams in Europe and around the world, the Czech Republic is known for a relatively high number of officially established security teams. Operating mainly within Europe, there is the GÉANT organization, which promotes the development and creation of new security teams through its long-established service Trusted Introducer. It is an initiative that aims to facilitate building of trust between security teams of educational and research institutions, operators, providers and government institutions that, within their address space, deal with security incidents, such as botnets, spam, phishing, open resolvers or more sophisticated incidents . Each team faces very similar, if not identical problems and therefore sharing of experience should be taking place to streamline their work. Withholding important information in this environment, on the other hand, does not usually bring any competitive advantage.

CSIRT tools

No larger team can work with one data source and one incident management system today(at least we don’t know such team yet). That’s why every team is engaged in the development of their own tools or at least their own upgrade for already existing tools.