brmlab

User Tools

Site Tools

You are here: Hackerspace Prague » Projects » CSIRT
project:csirt:start

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
project:csirt:start [2017/06/08 18:47] – [BRMlab Computer Security Incident Response Team] ruzaproject:csirt:start [2018/05/04 07:44] (current) ruza
Line 17: Line 17:
 ===== BRMlab Computer Security Incident Response Team ===== ===== BRMlab Computer Security Incident Response Team =====
  
-[[wp>Hackerspace]]s and [[wp>CSIRT]]s are both organizations that are focused on computer security so they can benefit from each other. Also hackerspace is a place where young potentially talented people come to socialize. The value of an hackerspace organized CSIRT would be to engage such young talents into CSIRT oriented cybersecurity activities.+[[wp>Hackerspace]]s and [[wp>CSIRT]]s are both organizations that are focused on computer security so they can benefit from each other. 
 + 
 +Alsohackerspace is a place where young potentially talented people come to socialize. The value of hackerspace organized CSIRT would be to engage such young talents into CSIRT oriented cybersecurity activities.
  
 ===== How we will establish an CSIRT and which role it will fullfill ===== ===== How we will establish an CSIRT and which role it will fullfill =====
Line 45: Line 47:
 ===== Can I haz an CSIRT? =^..^= ===== ===== Can I haz an CSIRT? =^..^= =====
  
-Roughly speaking anybody who declares his/her responsibility for providing an incident handling service can. That is the only prerequisite to being considered an **registered** CSIRT. That means responding to requests and reportsand analyzing incidents and events related to the IP_range/infrastructure/etc.+Roughly speaking anybody who declares his/her responsibility for providing an incident handling service can. That is the only prerequisite to being considered an **registered** CSIRT. That means responding to requests and reports and analyzing incidents and events related to the IP_range/infrastructure/etc.
  
 Other topics that CSIRT can do are optional and roughly described in the following overview presentation: Other topics that CSIRT can do are optional and roughly described in the following overview presentation:
Line 63: Line 65:
 3.11.2016 - Internal {{:user:ruza:csirt.pdf|presentation on Talknight}} session.\\ 3.11.2016 - Internal {{:user:ruza:csirt.pdf|presentation on Talknight}} session.\\
 14.11.2016 - {{:user:ruza:brm-csirt.pdf|Brmlab presentation}} on "Pracovni skupina CSIRT"\\ 14.11.2016 - {{:user:ruza:brm-csirt.pdf|Brmlab presentation}} on "Pracovni skupina CSIRT"\\
 +
 +===== Topics on security to improve =====
 +aka i don't know what to do.
 +
 +  * SELinux in Ubuntu is a bit derelict
 +  * debsecan is not working well on Ubuntu
 +  * Can we have privacy aware web browser? ([[user:jenda:spyzilla|]])
 +  * Investigate [[https://wiki.debian.org/SCAPGuide|SCAP]] and its integration with Ubuntu/Debian. Seems that the situation in the RedHat world is noticeably better.
 +    * [[https://www.open-scap.org/security-policies/scap-security-guide/|scap-security-guide]] is not packaged for Ubuntu/Debian.
project/csirt/start.1496947629.txt.gz · Last modified: 2017/06/08 18:47 by ruza