Versions Compared

Old Version 13

changes.mady.by.user David Heed

Saved on

compared with

New Version Current

changes.mady.by.user Maria Tauson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

1. DOCUMENT INFORMATION

This document complies with RFC 2350.

1.1. Date of Last Update
This is version 1.3.4 6 as of Oct 28Apr 30, 20242025.

1.2. Distribution List for Notifications
This profile is kept up-to-date in the location specified in section 1.3.
E-mail notification of updates are sent to SUNET CERT management and investigators.
Please send any questions about updates to the SUNET CERT team e-mail address: cert@cert.sunet.se.

...

SUNET CERT’s hours of operation are generally restricted to regular business hours, or 08:00 to 17:00 Monday to Friday except public holidays.
For emergency inquires the phone is maintained 24/7 where the SUNET CERT can be escalated through SUNET NOC

...

3. CHARTER

3.1. Mission Statement

The SUNET CERT mission is to coordinate and inform about support IT-security related issues work for all organizations affiliated with SUNET. SUNET CERT is responsible for IT security work in Sunet and in Sunet's customersservices.
SUNET CERT also establishes and maintain networks with other CSIRT:s in Sweden and abroad and participate in national and international organizations for CERT cooperation.
It's also the mission for SUNET CERT to monitor that all organisations are acting in compliance with the SUNET IT-security policy.

...

5.1. Incident Response (Triage, Coordination, and Resolution)
SUNET CERT offers the services :(Using FIRST CSIRT Services Framework):

Information Security Incident Management:

  • Information security incident report acceptance
  • Information security incidents analysis
  • Information security incident coordination
  • Crisis management support

Vulnerability Management

  • Vulnerability report intake
  • Vulnerability analysis
  • Vulnerability coordination
  • Vulnerability disclosure
  • Vulnerability response

Situational Awareness

  • Data acquisition
  • Analysis and synthesis
  • Communication

Knowledge Transfer

  • Awareness building
  • Training and education
  • Exercises
  • Technical and policy advisory
  • IT security incident analysis (triage, information collection and coordination.)
  • Vulnerability detection and scanning.
  • Awareness building through reach out, workshops and community gatherings.
  • Crisis exercises

...

6. INCIDENT REPORTING FORMS

...

7. DISCLAIMERS

None.

...

Revision:

1.3.6 2025-04-30 Updated Mission and Services /MT
1.3.5 2025-01-31 Reviewed /DH

1.3.4 2024-10-28 Updated link reference and phone info 2.11. Removed Crisis exercise as its part of Security center /DH

1.3.3 2024-05-24 Updated 3.4 /MT

...