CERT.
Computer Emergency Response Team.
Background.
As computers play an ever-growing role in social and business life, so does the risk of possible danger from hackers, online theft, fraud and cyber-vandalism. A successful attacker can corrupt or delete data, thereby causing not only high financial losses but also substantial damage to the image of the company affected.

Drawing on experience in various areas of ICT security and that of T-Systems CERT, launched in 2003, Security Solutions provides services that enable adequate reaction to and prevention of such threats beyond the walls of the process-oriented company. T-Systems CERT's comprehensive know-how allows:
Targeted provision of high-quality security information on ICT vulnerabilities
Detection of security risks and institution of preventive measures
Central coordination and tracking of preventive measures and escalation as needed
Analysis and evaluation of ICT security incidents
Introduction of countermeasures for ICT security incidents
Central coordination and tracking of measures in the event of ICT security incidents

In line with ITIL-compliant processes, T-Systems CERT offers a single point of contact, the input point for all ICT security issues and problems of its customers. In addition to reactive and preventative services, Security Solutions also offers consulting services for the purpose of continuously improving the security of its customers as part of T-Systems CERT.

CERT Service contains:

Intrusion Detection.
The aim of Intrusion Detection is to develop methods for detecting attacks on computer systems. For example, in the case of a "promising" threat of an attacker, an IDS/IPS would trigger an alarm and forward it to the appropriate units. Network-based IDS/IPS already cover most of the risks in a network environment. Host-based IDS/IPS should be used additionally in high security areas.
T-Systems CERT advises customers on all matters of projection, evaluation and piloting. Managed networks are permanently monitored; if anomalies are detected, appropriate countermeasures are introduced.
Business flexibility
Figure: Example for a network-based IDS

Security audits & penetration.
The complexity of a company's IT structure is proportionate to the size of the company. In addition to a pronounced degree of heterogeneity, the training level of those responsible for the system also varies widely. However, the security status of all systems is important to a company. Its aim is to bring about a uniformly high level of security. To achieve this, information about existing security gaps in the IT infrastructure is conveyed so that a list of measures can be created from it. Security audits and penetration tests are used for this purpose. Security audits are conducted as structured surveys; penetration tests are an overall term for legal intrusion attempts.

Announcements.
Announcement refers to the dissemination of information about weak points and threats, and if necessary also measures to eliminate them. The CERT Team of T-Systems views the relevant information, assesses it and forwards it to specific customers. The CERT reports form the basis of measures in individual customer areas. The CERT team has developed a web- and e-mail-based information tool for distributing the announcements that makes it easy to track the clear risk assessments, prioritization and recommendations for action.

Forensic analysis.
Forensic Analysis is intended to analyze the entire course of a security breach. This also includes securing and assessing evidence that can be retraced by a court. Although the documentation of processes and circumstances is part of forensic analysis, securing evidence is a vital component if a complaint is filed or other action under civil or criminal law is necessary. Tracing the security breach can turn up much other information that can lead to the detection of other marginal parameters and changes and thus can form the basis for further corrections. The CERT Team, in cooperation with criminal prosecutions if necessary, conducts forensic analyses on behalf of the customer.

Incident response.
Incident Response represents the most comprehensive and sophisticated task of a CERT. The added value for our customers only occurs once an adequate reaction to incidents has been guaranteed. Thus high demands are made not only on the team's technical capacities but also on its organization and ability to assess incidents correctly. A high degree of parallelism between various activities, and thus close interaction with other services, is typical of this service.
First, the facts must be investigated. To do this, the aforementioned activities in vulnerability, critter and forensic analysis are undertaken. Meanwhile, however, all affected units must be informed so that preliminary results of analyses are available as well. This is important for many reasons - for example, if it turns out that not only the operating system affected first has a security gap but also others (e.g. manufacturer-specific or even technology-specific).
Continued analysis prompts the coordination of a wide range of activities, possibly distributed among various sections of the organization and among locations. This also includes the initial control of consequences. These are the actual activities of Incident Response. They can be broken down into the following subsections:
Limiting the incident
Eliminating causes
Recovering operations

The concrete features of these services depend on the specific customer. We will be happy to provide answers to your questions and further information at any time.

Published by:
T-Systems Enterprise Services GmbH
Corporate Marketing & Communications
Mainzer Landstrasse 50
60325 Frankfurt am Main, Germany

Responsible for content:
Security Solutions

Contact:
T-Systems Enterprise Services GmbH
Security Solutions
Phone: +49 (0)6151 8186105
E-Mail: security-solutions@t-systems.com
Product Marketing Manager: Andreas Brasching

Date of publication 10/2006; subject to change without notice; printed on chlorine-free paper, typix
CERT Advisory Services.
Modern business would be simply unimaginable without internet technologies. In the last decade security aspects get more and more important for companies (see following chart).

Chart: Number of security cases (US companies) in thousands (Source CERT Coordination Center)

Determining the critical points in a company and choosing the correct measures and technologies to counter the threats ranged against it is not always easy, however. T-Systems supports its customers in this task through competent consultation and services. Included are:
Audits
Security checks
Penetration tests
Execution of risk analyses
Security concepts
Product evaluations
Forensic analyses

Audits.
Audits are structured surveys aimed at recording and evaluating possible deficits in the existing (IT) infrastructure. The survey permits graphic representation of either the definition of concrete measures or the security level for management, gleaned according to standard criteria (see chart overleaf). The degree of detail is oriented toward customer wishes. Audits according to BS 7799, BSI Basic Protection Handbook or system-specific audits are possible.

Security checks.
Security checks are aimed at determining the extent of known flaws within a company’s IT infrastructure in order to judge the threat posed and possible damage that their exploitation could cause. Security checks are usually conducted by scanning the corporate network under investigation.

Penetration tests.
Penetration tests are another way of evaluating the security of IT systems or IT safeguards such as firewalls. Audits operate on the principle of viewing the system in question as holistically as possible – while not checking the actual system configuration. Penetration tests, on the other hand, involve the same methods as hackers employ in order to demonstrate real danger points. In this context white and black box penetration tests are possible. This means that in one case the tester is familiar with the system configuration, in the other case not.

Execution of risk analyses.
Identified danger points (for instance within the scope of audits, penetration tests and security checks) represent a risk. Within the context of a risk analysis and based on the experience gained by the specialists conducting them, these risks are specified with regard to the possible extent of damage and the likelihood of occurrence. This enables a selection of protective measures, whose efficiency bears a reasonable relationship to the time and expense involved.

Security concepts.
Security concepts are designed to ensure that the risks of using and operating an IT application or service fall within reasonable bounds. In addition, a security concept covers the following points:
Description of the system environment
Analysis of protection requirements
Threat analysis
Risk analysis
Measures
Remaining risks
Hence, ideally, a security concept is drafted before implementation – i.e. as a result of the detailed concept – in order to integrate necessary security measures into the overall design with as little effort as possible. As experience shows, once the overall solution has been put in place, measures can only be implemented at great expense or only partially.

Product evaluations.
Besides supporting business processes, modern IT solutions must also fulfill the customer’s specific security needs in terms of availability, confidentiality and integrity, something that is not always easy to assess. As part of product evaluation, software and hardware products are examined with regard to their adequacy in complying with these requirements.

Forensic analysis.
Forensic analysis is used to analyze the entire process of a security violation. This includes the legally permissible preservation and evaluation of evidence. Although documentation of the processes and facts is the main component of forensic analysis, the preservation of evidence is an indispensable element if a crime is to be reported or criminal or civil proceedings considered. Much more information can be gleaned by understanding how a security breach occurs and can also lead to recognition of many borderline parameters and changes and thus form the basis of additional modifications.

The actual characteristics of these services are principally customer-specific. We are always glad to answer your questions and provide further information.

Published by:
T-Systems Enterprise Services GmbH
Corporate Marketing & Communications
Mainzer Landstrasse 50
60325 Frankfurt am Main, Germany

Responsible for content:
Security Solutions

Contact:
T-Systems Enterprise Services GmbH
Security Solutions
Phone: +49 (0)6151 8186105
E-Mail: security-solutions@t-systems.com
Product Marketing Manager: Andreas Brasching

Date of publication 10/2006; subject to change without notice; printed on chlorine-free paper, typix