Services
Incident response
Incident Triage
All reported incidents are triaged by the Security Operations Center which has 24/7 occupation. In case of emergency, the Security Operations Center calls the KPN-CERT’s watch service. All reports are rated based on risk, impact and priority and handled accordingly.
Incident Coordination
During the resolution of an incident, several steps may be taken, including:
Determining the initial cause of the incident (vulnerability exploited).
Facilitating contact with other sites which may be involved.
Facilitating contact with law enforcement.
Alerting other CERT/CSIRT teams.
Composing announcements to users (other parties).
Escalation and/or crisis management.
Incident Resolution
KPN-CERT is the main point of contact for resolution coordination of security incidents, enforcing a mitigation strategy and the lead in forensic information investigations.
Proactive Activities
The CERT acts as a proactive organ in gathering risk intelligence and, where necessary, distribution of that intelligence throughout the organization and beyond when applicable.