The FCCN unit of the Foundation for Science and Technology has just launched a new website: RCTS CERT, the service for responding to computer security incidents originating from or targeting RCTS – Science, Technology, and Society Network. The service's core mission will continue to be to contribute to cybersecurity efforts within the RCTS user community. The new website features a new design, intended to make navigation more intuitive.
This change is primarily due to a need for renewal and is now taking place with the aim of placing greater emphasis on the various components of the service that the incident response team (RCTS CERT) provides to the RCTS community.
Regarding the service components offered, the following are worth highlighting:
- DNS FIREWALL, a mechanism that makes it more difficult for malware to infect systems by altering DNS protocol responses when requesting resolution of domain names already identified as malicious. It can prevent infections based on prior knowledge of the malicious nature of various domains and assist system administrators in identifying already infected systems. It is based on the DNS name resolution service, and the list of malicious domains is updated daily, without human intervention, and based on various information sources. It is important to keep in mind that, unfortunately, new malicious domains are identified every day.
- THE Vulnerability Management Service allows you to monitor known vulnerabilities across a well-defined set of an organization's web services, especially suited for highly relevant institutional websites with a high degree of exposure. New vulnerabilities are discovered every day, so monitoring and remediation efforts must be continuous and timely. The service assesses (and reassesses) vulnerabilities in services. web and offers recommendations on how to proceed to mitigate the (inevitable) vulnerabilities identified.
- Audit Service, which aims to respond to specific requests for security audits on specific services. It performs preventive security analysis on services and makes suggestions for mitigating any vulnerabilities found. It is especially recommended before launching a new website or after a major redesign of a given service (configurations, platform or solution change), because through analysis using a proven methodology (with human intervention), vulnerabilities can be identified that need to be rectified, which will help prevent certain types of incidents.
- Intrusion Detection System as a Service (IDSaaS): This system operates from a detection perspective, based on predetermined traffic patterns (called signatures) to identify potentially malicious activity. Since this mechanism involves the use of both specific hardware and expertise, the FCCN unit provides this service centrally (in Lisbon and Porto) when traffic analysis is possible. Malicious activity is detected and compromised systems or services are identified, with the ability to notify external contacts of external network abuse and/or generate alarms.
- Service Campaigns Phishing, aimed at all entities linked to RCTS, with the aim of preparing its users for situations in which they are targeted by cybercriminals. The logical aftermath of a Cybercrime Campaign Phishing is an awareness session on the dangers we all face. This aims to empower users to identify toxic content sent via email.
Visit www.cert.rcts.pt to learn about the new RCTS CERT portal and how to request the various components of the security services made available to your entity.
