Términos\CERT - Equipo de reacción rápida ante incidentes informáticos

CERT - Equipo de reacción rápida ante incidentes informáticos

Acrónimos: CERT

Ver:

·         FIRST - Forum of Incident Response and Security Teams

·         http://www.cert.org/

·         http://www.ietf.org/rfc/rfc2350

·         Emergencia

principio

Organización especializada en responder inmediatamente a incidentes relacionados con la seguridad de las redes o los equipos. También publica alertas sobre amenazas y vulnerabilidades de los sistemas. En general tiene como misiones elevar la seguridad de los sistemas de los usuarios y atender a los incidentes que se produzcan.

principio

Typically an operational team or centre that provides advice and mitigations against cyber attacks for businesses, government and individuals. [CSS NZ:2011]

principio

(I) An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security. (See: CSIRT, security incident.) [RFC4949:2007]

principio

A team that provides initial emergency-response aid and triage services to the victims or potential victims of cyber operations or cyber crimes, usually in a manner that involves coordination between private sector and governmental entities. These teams also maintain situational awareness about hacker activitiesand new developments in the design and use of malware, providing defenders of computer networks with advice on how to address security threats and vulnerabilities associated with those activities and malware.

The Tallinn Manual, 2013

principio

Group of individuals usually consisting of Security Analysts organized to develop, recommend, and coordinate immediate mitigation actions for containment, eradication, and recovery resulting from computer security incidents. Also called a Computer Security Incident Response Team (CSIRT) or a CIRC (Computer Incident Response Center, Computer Incident Response Capability or Cyber Incident Response Team). [CNSSI_4009:2010]

principio

(I) An organization "that coordinates and supports the response to security incidents that involve sites within a defined constituency." [R2350] (See: CERT, FIRST, security incident.) [RFC4949:2007]

principio

A capability set up for the purpose of assisting in responding to computer security-related incidents; also called a Computer Incident Response Team (CIRT) or a CIRC (Computer Incident Response Center, Computer Incident Response Capability). [NIST-SP800-61:2004]

principio

An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.

principio

A CERT is an organisation that studies computer and network security in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and to offer other information to help improve computer and network security.

http://www.enisa.europa.eu/

principio

Over time, the CERTs (see above) extended their services from being a mere reaction force to a more complete security service provider, including preventive services like alerting or advisories and security management services. Therefore, the term CERT was not considered to be sufficient. As a result, the new term CSIRT was established in the end of the -90-ies. At the moment, both terms (CERT and CSIRT) are used in a synonymous manner, with CSIRT being the more precise term.

http://www.enisa.eu.int/

principio

An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.

http://www.sans.org/security-resources/glossary-of-terms/

principio

Organisation spécialisée dans la gestion et la réponse aux incidents informatiques. Elle est en charge du suivi de l'incident (enregistrement) afin d'en déterminer la cause et de trouver des actions correctives. A l'origine, il s'agit d'une organisation américaine (Institut de génie logiciel de l'université de Carnegie Mellon ? Pittsburgh / USA) spécialisée dans la sécurité informatique. Depuis, chaque pays industrialisé à mis en place au moins une structure CERT nationale, qui établit également des alertes sécurité relatives aux failles détectées et aux solutions de protection en fonction des incidents relevés au niveau international.

http://www.cases.public.lu/functions/glossaire/

principio

Équipe de l'université de Carnegie-Mellon, créée en 1988 après une célèbre diffusion d'un ver (worm) sur Internet, et dédiée à la veille en sécurité informatique.

CERT  publie régulièrement des avis/alertes sur les failles de sécurité découvertes.

Le modèle du CERT est classiquement repris au sein des grandes entreprises ou administrations pour constituer des équipes de veille en sécurité ou de réaction sur incident de sécurité (Security incident response team). En France, le CERT/A assure cette fonction vis-à-vis des grandes administrations françaises.

http://securit.free.fr/glossaire.htm

principio

CERT français, CERT/A est une structure d'alerte et d'assistance chargée de coordonner les réactions aux attaques sur les systèmes d'informations des administrations de l'État. Le CERT/A est rattaché à la Direction Centrale de la Sécurité des Systèmes d'Information (DCSSI).

http://www.certa.ssi.gouv.fr/

principio