HOME > ABOUT CERT-In


   ROLES & FUNCTIONS

Roles

Reactive
  1. Provide a single point of contact for reporting local problems.
  2. Assist the organisational constituency and general computing community in preventing and handling computer security incidents.
  3. Share information and lessons learned with CERT/CC, other CERTs, response teams, organisations and sites.
  4. Incident Response.
  5. Provide a 24 x 7 security service.
  6. Offer recovery procedures.
  7. Artifact analysis
  8. Incident tracing
Proactive
  1. Issue security guidelines, advisories and timely advise.
  2. Vulnerability analysis and response
  3. Risk Analysis
  4. Security Product evaluation
  5. Collaboration with vendors
  6. National Repository of, and a referral agency for, cyber-intrusions.
  7. Profiling attackers.
  8. Conduct training, research and development.
  9. Interact with vendors and others at large to investigate and provide solutions for incidents.

Functions

Reporting
  • Central point for reporting incidents
  • Database of incidents
Analysis
  • Analysis of trends and patterns of intruder activity
  • Develop preventive strategies for the whole constituency
  • In-depth look at an incident report or an incident activity to determine the scope, priority and threat of the incident.
Response
  • Incident response is a process devoted to restoring affected systems to operation
  • Send out recommendations for recovery from, and containment of damage caused by the incidents.
  • Help the System Administrators take follow up action to prevent recurrence of similar incidents