Skip to content
/ CNW Public

Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States’ appointed CSIRTs and CERT-EU.

csirtsnetwork.eu/
49 stars 18 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

enisaeu/CNW

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

485 Commits
advisories
advisories
 
 
graphics
graphics
 
 
.DS_Store
.DS_Store
 
 
ENISA_CVD_policy.md
ENISA_CVD_policy.md
 
 
README.md
README.md
 
 
heightened.md
heightened.md
 
 
ransomware.md
ransomware.md
 
 

Repository files navigation

CSIRTs Network

For more information about the EU CSIRTs network, its members and how to get in contact please visit https://csirtsnetwork.eu/

Please note that the list of publications by CSIRTs NW members and partners is currently under construction.

CSIRTs Network - Security Guidance

Guidance publications

Advisory collections

Security best-practices

Vulnerability Handling

CNW Member Warnings and Advisories

CNW Member Repositories

Trainings

Business Continuity

Backups

Country Organisation Language Material
EU ENISA EN Guidance on Secure Backups (1 September 2021)
LU CIRCL EN TR-55 - SquashFu - an alternate Open Source Backup solution, resilient to Crypto Ransomware attacks (12 September 2018)

DDoS protection

Country Organisation Language Material
AT CERT-AT DE DDoS Angriffe gegen Unternehmen in Österreich
BE CERT.be FR DDOS: protection et prévention [PDF]
DE BSI DE Praktische Informationen zur Vermeidung von DDoS-Anfällen und Hilfestellungen bei der Reaktion
FI NCSC-FI FI Neuvoja palvelunestohyökkäyksen estämiseksi [PDF]
FR CERT-FR FR Comprendre et anticiper les attaques DDoS [PDF]
HU NCSC-HU HU Védekezés a szolgáltatás megtagadásra irányuló DOS támadások ellen [PDF] (10 March 2022)
LT CERT-LT LT APSAUGA NUO PASLAUGŲ TRIKDYMO KIBERNETINIŲ ATAKŲ [PDF] (5 November 2021)
LU CIRCL EN TR-19 - UDP Protocols Security - Recommendations To Avoid or Limit DDoS reflection / amplification (8 July 2015)
NL NCSC-NL NL Factsheet Continuïteit van online diensten (02 March 2023)
NL NCSC-NL NL Factsheet Technische maatregelen voor continuïteit voor online diensten (02 March 2023)
PL KNF CSIRT PL Dobre praktyki w zakresieprzeciwdziałania atakom DDoS [PDF]
PL KNF CSIRT EN Good Practices in DDoS countermeasures [PDF]
SE CERT-SE SE Råd gällande förebyggande och hantering av överbelastningsangrepp (21 February 2023)

Authentication

Country Organisation Language Material
NL NCSC-NL EN Factsheet Mature authentication - use of secure authentication tools (09 June 2022)
NL NCSC-NL NL Factsheet Gebruik tweefactorauthenticatie (17 March 2023)
PL CERT-PL PL Hasła - Materiałów, kierowany do wielu grup odbiorców

Network Security / Architecture

Country Organisation Language Material
NL NCSC-NL EN Factsheet Prepare for Zero Trust (18 August 2021)
NL NCSC-NL NL Factsheet SOC inrichten: begin klein (03 May 2023)
NL NCSC-NL EN Factsheet Managing edge devices (10 June 2024)
NL NCSC-NL NL Kennisproduct Omgaan met edge devices (10 June 2024)

Cloud Security

Country Organisation Language Material
DE BSI DE Cloud Computing Grundlagen
FR ANSSI FR Prestataires de service d’informatique en nuage (SecNumCloud)
FR ANSSI FR RECOMMANDATIONS POUR L’HÉBERGEMENT DANS LE CLOUD DES SYSTÈMES D’INFORMATION SENSIBLES [PDF]
FR ANSSI FR Recommendations on hosting sensitive IS in the cloud
EU ENISA EN Cloud Security - Publication Node
NL NCSC-NL EN Factscheet 5 recommendations for securely purchasing cloud services (31 December 2020)

Monitoring / Logging

Country Organisation Language Material
EU ENISA EN Proactive detection – Measures and information sources (26 May 2020)

Email Security

Country Organisation Language Material
CZ NÚKIB EN Methods of increasing the protection of email systems [PDF]
EUI CERT-EU EN E-Mail Sender Adress Forgery Mitigation [PDF]
EUI CERT-EU EN DMARC — Defeating E-Mail Abuse [PDF]
LU CIRCL EN TR-60 - Phishing - Effects and precautions (26 June 2020)
PL CERT-PL PL Mechanizmy weryfikacji nadawcy wiadomości

Incident Response

Country Organisation Language Material
EUI CERT-EU EN Data Acquisition Guidelines for Investigation Purposes (2019)
EU ENISA EN Standards and tools for exchange and processing of actionable information (19 January 2015)

Webserver Security

Country Organisation Language Material
LU CIRCL EN TR-26 - Security Recommendations for Web Content Management Systems and Web Servers (28 April 2015)
LU CIRCL EN TR-66 - Webservers with mod_status like debug modules publicly available leak information (6 December 2021)

Industrial Control System / IOT Security

Country Organisation Language Material
DE BSI EN Industrial Control System Security
DE BSI DE Industrielle Steuerungs- und Automatisierungssysteme (ICS)]
DE BSI EN Industrial Control System Security: Top 10 threats and countermeasures 2022
HU NCSC-HU & SeConSys HU Villamosenergetikai ipari felügyeleti rendszerek kiberbiztonsági kézikönyve 2022 [PDF] (3 March 2022)
NL NCSC-NL NL Basis-beveiligingsmaatregelen Slimme Apparaten (IoT) (25 March 2023)

Additional Publications

Country Organisation Language Material
FI NCSC-FI EN Applying artificial intelligence in cybersecurity [PDF] (13 March 2024)
EUI CERT-EU / ENISA EN Boosting your Organisation's Cyber Resilience - Joint Publication (14 February 2022)
EUI CERT-EU EN Cybersecurity mitigation measures against critical threats [PDF] (09 March 2022)
FI NCSC-FI EN Keeping your information secure both at home and at work (12 May 2020)
NL NCSC-NL EN Guide to Cyber Security Measures (05 August 2021)
NL NCSC-NL NL Factsheet Open Source Security (24 May 2023)
LU CIRCL EN TR-47 - Recommendations regarding Abuse handling for ISPs and registrars (23 February 2017)

Vulnerability Handling

Vulnerability Disclosure Policies

Country Organisation Language CNA Policy/Reporting
BE CCB EN No Vulnerability reporting to the CCB (15 February 2023)
BE CCB FR No Signalement des vulnérabilités au CCB (15 février 2023)
DE CERT-Bund DE No Leitlinie und Richtlinie für Sicherheitsforschende (Dezember 2022)
DE CERT-Bund EN No BSI CVD guideline for security researchers (December 2022)
ES INCIBE-CERT EN Yes Vulnerability disclosure policy
ES INCIBE-CERT ES Yes CVE Assignment and publication
EU ENISA EN Yes ENISA Coordinated Vulnerability Disclosure Policy
EUI CERT-EU EN No Coordinated vulnerability disclosure policy
FI NCSC-FI EN Yes Vulnerability Coordination and Reporting
FR ANSSI FR No Vous souhaitez déclarer une faille de sécurité ?
NL NCSC-NL EN Yes Coordinated Vulnerability Disclosure: the Guideline (02 October 2018)
PL CERT-PL EN Yes Reporting vulnerabilities to CERT Polska
SK SK-CERT EN Yes Vulnerability Reporting Guideline (07 October 2019)
LU CIRCL EN No Responsible Vulnerability Disclosure (October 2019)
LV CERT-LV EN No Responsible Vulnerability Disclosure (September 2019)

Vulnerability Scanning

Country Organisation Language Material
DE BSI DE Schwachstellen-Analyse in Netzen unter Einsatz von OpenVAS [PDF]
PL CERT-PL EN Artemis vulnerability scanner is now open source

CNW Member Warnings and Advisories

Country Organisation Language Material
AT CERT-AT DE CERT-AT Warnungen
AT CERT-AT DE CERT-AT Aktuelles
BG CERT.bg BG Warnings
BE CERT.be EN CERT.be Advisories
CZ CERT.cz CS Aktuálně z bezpečnosti
CZ GovCERT.CZ CS Hrozby a zranitelnosti
DE CERT-Bund DE WID - Aktuelle Sicherheitshinweise
DE BSI DE Cyber-Sicherheitswarnungen
EE CERT-EE EE Turvanõrkuste ülevaated
ES CCN-CERT ES Alertas CCN-CERT
ES CCN-CERT ES Avisos CCN-CERT
ES INCIBE-CERT ES Avisos de seguridad
ES INCIBE-CERT ES Avisos SCI
EUI CERT-EU EN CERT-EU Security Advisories
FI NCSC-FI FI Haavoittuvuudet
FI NCSC-FI EN Alerts
FR CERT-FR FR Alerte de sécurité
FR CERT-FR FR Avis de sécurité
GR GR-CSIRT EN Vulnerability Archive
HR CERT.hr HR cert cve
HR ZSIS HR Security announcements
HU NCSC-HU HU Sérülékenységek
IE NCSC-IE EN Alerts & Advisories
IT CERT Italia IT CERT News
LT CERT LT LT Rekomendacijos
LU CIRCL EN Publications
LV CERT-LV LV Brīdinājumi
NL NCSC-NL NL Overzicht gepubliceerde Advisories
PL CERT-PL PL Kategoria CVE
PT CNCS PT CNCS Alertas
RO DNSC RO CERT-RO ALERTĂ
SE CERT-SE SV Nyheter
SK SK-CERT SK Aktuálne hrozby
SI SI-CERT SL Varnostna obvestila

CNW Member Repositories

Country Organisation Language Material
AT CERT-AT EN CERT-AT Github
CZ NÚKIB EN/CS NÚKIB GitHub
DE BSI EN BSI Github
DE CERT-Bund EN CERT-Bund Github
EE CERT-EE EN CERT-EE Github
ES CCN-CERT EN CCN-CERT Github
ES INCIBE-CERT EN INCIBE-CERT Github
EUI CERT-EU EN CERT-EU Github
EU CNW Tooling WG EN CSIRT Tooling Github
FR ANSSI EN ANSSI Github
LU CIRCL EN CIRCL Github
LU Govert.LU EN Govcert.lu Github
NL NCSC-NL EN NCSC-NL Github
PL CERT-PL EN CERT-PL Github
SK SK-CERT EN SK-CERT Github

Training Material

Country Organisation Language Material
EU ENISA EN Online Trainings Resources (Technical, Operational, Setting up a CSIRT, Legal & Cooperation
LU CIRCL EN MISP - Open Source Threat Intelligence Platform training materials

For more information about CSIRTs Network Members and how to get in contact please visit https://csirtsnetwork.eu/

About

Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States’ appointed CSIRTs and CERT-EU.

csirtsnetwork.eu/

Resources

Readme
Activity
Custom properties

Stars

49 stars

Watchers

15 watching

Forks

18 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 11