Nameshield’s CERT

The CERT’s main missions

• Inci­dent man­age­ment: The NS-CERT cen­tral­izes secu­ri­ty events in order to detect secu­ri­ty inci­dents. The team then man­ages these inci­dents to iden­ti­fy, con­tain, and resolve them as effec­tive­ly as pos­si­ble. The NS-CERT also per­forms a root cause analy­sis on each inci­dent to imple­ment the right mea­sures to ensure that they do not hap­pen again.
• Secu­ri­ty spe­cial­ist: The secu­ri­ty team acts as the experts in respond­ing to var­i­ous infor­ma­tion sys­tem secu­ri­ty requests. NS-CERT guides tech­ni­cal teams in iden­ti­fy­ing risks and imple­ment­ing mea­sures relat­ing to any sus­pi­cious changes.
• Aware­ness: The NS-CERT ensures that a high secu­ri­ty lev­el is main­tained for all Nameshield­’s employ­ees through exten­sive, per­son­al­ized aware­ness train­ing. Sim­u­la­tion exer­cis­es are also used to assess the group’s employ­ees’ reflex­es.
• Threat mon­i­tor­ing and detec­tion: The secu­ri­ty team, through its exper­tise and the imple­men­ta­tion of tech­ni­cal tools, is respon­si­ble for mon­i­tor­ing, detect­ing, and assess­ing poten­tial threats which might weigh on the orga­ni­za­tion’s infor­ma­tion sys­tem.
• Pen­e­tra­tion test­ing: The NS-CERT reg­u­lar­ly per­forms inter­nal pen­e­tra­tion tests on the var­i­ous com­po­nents that make up the Nameshield ecosys­tem (web, phys­i­cal secu­ri­ty, net­works, and admin­is­tra­tive process­es) in order to iden­ti­fy poten­tial vul­ner­a­bil­i­ties and non-com­pli­ance with orga­ni­za­tion­al stan­dards. The team is then able to eval­u­ate them to imple­ment the nec­es­sary mea­sures.

For more infor­ma­tion on the NS-CERT, our RFC 2350 doc­u­ment is avail­able through this link.