[The list of guidance publications by CSIRTs NW members and partners is currently under construction.]
- MS Exchange On-Premise "ProxyNotShell" 0-days
- MSDT "Follina" Vulnerability
- Log4j "Log4Shell" Vulnerability
- Business Continuity
- Authentication
- Network Security / Architecture
- Cloud Security
- Monitoring / Logging
- Email Security
- Incident Response
- Industrial Control System Security
- Webserver Security
- Additional Best-Practices
- Vulnerability Handling
- Training Material
| Country | Organisation | Language | Material |
|---|---|---|---|
| EU | ENISA | EN | Guidance on Secure Backups (1 September 2021) |
| LU | CIRCL | EN | TR-55 - SquashFu - an alternate Open Source Backup solution, resilient to Crypto Ransomware attacks (12 September 2018) |
| Country | Organisation | Language | Material |
|---|---|---|---|
| AT | CERT-AT | DE | DDoS Angriffe gegen Unternehmen in Österreich |
| BE | CERT-BE | FR | DDOS: protection et prévention [PDF] |
| DE | BSI | DE | Praktische Informationen zur Vermeidung von DDoS-Anfällen und Hilfestellungen bei der Reaktion |
| FI | NCSC-FI | FI | Neuvoja palvelunestohyökkäyksen estämiseksi [PDF] |
| FR | CERT-FR | FR | Comprendre et anticiper les attaques DDoS [PDF] |
| HU | NCSC-HU | HU | Védekezés a szolgáltatás megtagadásra irányuló DOS támadások ellen [PDF] (10 March 2022) |
| LT | CERT-LT | LT | APSAUGA NUO PASLAUGŲ TRIKDYMO KIBERNETINIŲ ATAKŲ [PDF] (5 November 2021) |
| LU | CIRCL | EN | TR-19 - UDP Protocols Security - Recommendations To Avoid or Limit DDoS reflection / amplification (8 July 2015) |
| PL | KNF CSIRT | PL | Dobre praktyki w zakresieprzeciwdziałania atakom DDoS [PDF] |
| PL | KNF CSIRT | EN | Good Practices in DDoS countermeasures [PDF] |
| Country | Organisation | Language | Material |
|---|---|---|---|
| PL | CERT-PL | PL | Hasła - Materiałów, kierowany do wielu grup odbiorców" |
| Country | Organisation | Language | Material |
|---|---|---|---|
| NL | NCSC-NL | EN | Factsheet "Prepare for Zero Trust" (18 August 2021) |
| Country | Organisation | Language | Material |
|---|---|---|---|
| NL | NCSC-NL | EN | Factscheet "5 recommendations for securely purchasing cloud services" (31 December 2020) |
| Country | Organisation | Language | Material |
|---|---|---|---|
| EU | ENISA | EN | Proactive detection – Measures and information sources (26 May 2020) |
| Country | Organisation | Language | Material |
|---|---|---|---|
| EUI | CERT-EU | EN | E-Mail Sender Adress Forgery Mitigation [PDF] |
| EUI | CERT-EU | EN | DMARC — Defeating E-Mail Abuse [PDF] |
| LU | CIRCL | EN | TR-60 - Phishing - Effects and precautions (26 June 2020) |
| PL | CERT-PL | PL | Mechanizmy weryfikacji nadawcy wiadomości |
| Country | Organisation | Language | Material |
|---|---|---|---|
| EU | ENISA | EN | Standards and tools for exchange and processing of actionable information (19 January 2015) |
| Country | Organisation | Language | Material |
|---|---|---|---|
| LU | CIRCL | EN | TR-26 - Security Recommendations for Web Content Management Systems and Web Servers (28 April 2015) |
| LU | CIRCL | EN | TR-66 - Webservers with mod_status like debug modules publicly available leak information (6 December 2021) |
| Country | Organisation | Language | Material |
|---|---|---|---|
| DE | BSI | EN | Industrial Control System Security |
| DE | BSI | DE | Industrielle Steuerungs- und Automatisierungssysteme (ICS) |
| DE | BSI | EN | Industrial Control System Security: Top 10 threats and countermeasures 2022 |
| HU | NCSC-HU & SeConSys | HU | Villamosenergetikai ipari felügyeleti rendszerek kiberbiztonsági kézikönyve 2022 [PDF] (3 March 2022) |
| Country | Organisation | Language | Material |
|---|---|---|---|
| EU | CERT-EU / ENISA | EN | Boosting your Organisation's Cyber Resilience - Joint Publication (14 February 2022) |
| EU | CERT-EU | EN | Cybersecurity mitigation measures against critical threats [PDF] (09 March 2022) |
| FI | NCSC-FI | EN | Keeping your information secure both at home and at work (12 May 2020) |
| NL | NCSC-NL | EN | Guide to Cyber Security Measures (05 August 2021) |
| LU | CIRCL | EN | TR-47 - Recommendations regarding Abuse handling for ISPs and registrars (23 February 2017) |
| Country | Organisation | Language | Material |
|---|---|---|---|
| EU | ENISA | EN | Coordinated Vulnerability Disclosure policies in the EU |
| FI | NCSC-FI | EN | Vulnerability Coordination and Reporting |
| NL | NCSC-NL | EN | Coordinated Vulnerability Disclosure: the Guideline (02 October 2018) |
| SK | SK-CERT | EN | Vulnerability Reporting Guideline (07 October 2019) |
| LU | CIRCL | EN | Responsible Vulnerability Disclosure (October 2019) |
| LV | CERT-LV | EN | Responsible Vulnerability Disclosure (September 2019) |
| Country | Organisation | Language | Material |
|---|---|---|---|
| EU | CERT-EU | EN | CERT-EU Security Advisories |
| FR | CERT-FR | FR | Avis de sécurité |
| DE | CERT-Bund | DE | CERT-Bund Warn- und Informationsdienste |
| NL | NCSC-NL | NL | Overzicht gepubliceerde Advisories |
| Country | Organisation | Language | Material |
|---|---|---|---|
| DE | BSI | DE | Schwachstellen-Analyse in Netzen unter Einsatz von OpenVAS [PDF] |
| Country | Organisation | Language | Material |
|---|---|---|---|
| AT | CERT-AT | EN | CERT-AT Github |
| DE | BSI | EN | BSI Github |
| DE | CERT-Bund | EN | CERT-Bund Github |
| EE | CERT-EE | EN | CERT-EE Github |
| ES | CCN-CERT | EN | CCN-CERT Github |
| ES | INCIBE | EN | INCIBE Github |
| FR | ANSSI | EN | ANSSI Github |
| LU | CIRCL | EN | CIRCL Github |
| NL | NCSC-NL | EN | NCSC-NL Github |
| PL | CERT-PL | EN | CERT-PL Github |
| SK | SK-CERT | EN | SK-CERT Github |
| Country | Organisation | Language | Material |
|---|---|---|---|
| EU | ENISA | EN | Online Trainings Resources (Technical, Operational, Setting up a CSIRT, Legal & Cooperation) |
| LU | CIRCL | EN | MISP - Open Source Threat Intelligence Platform |
For more information about CSIRTs Network Members and how to get in contact please visit https://csirtsnetwork.eu/