Technical trainings for CERTs - ENISA


Post on 08-Jun-2020


Page 1: Technical trainings for CERTs - ENISA · 11 New material presented in 2013 Title Experts 1 Digital forensics 12 2 Identifying and handling of electronic evidence 13 3 Identifying

www.enisa.europa.eu 1

Technical trainings for CERTs


ENISA Supporting the CERT community

https://www.enisa.europa.eu/activities/cert


ENISA CERT training

2008 2012 2013

+ regular trainings in 2013


Content regularly updated and renewed with the help of community

• The creation process of material involves community

• The target audience's feedback will lead to better material


Material available on website

https://www.enisa.europa.eu/activities/cert/support/exercise


2011 2012 2013

+ Visualising the feeds


Variety of trainings

• For different levels of experience and expertise

– Legal

– Operational

– Technical

– Cooperation


CII Admin area of responsibility


What is the file from the Remote file inclusion?

(See in /opt/glaspot/trunk/files/)

A: a SIP OPTIONS scanner in PHP

B: a malicious PDF

C: a PHP shell

D: a PHP photo album

50:50


New material presented in 2013

Title Experts

1 Digital forensics 12

2 Identifying and handling of electronic evidence 13

3 Identifying and handling cyber-crime traces 12

4 Incident handling and cooperation during phishing campaign 9

5 Presenting, correlating and filtering various feeds 6

6 Cooperation in the Area of Cybercrime 7


ENISA 8th annual workshop 'CERTs in Europe' - Part I


ENISA 8th annual workshop 'CERTs in Europe' - Part I

• 3 scenarios from ENISA CERT training/exercise material presented by ENISA trainers

– Honeypots

– Incident handling during an attack on Critical Information Infrastructure

– Mobile threats incident handling

• Participants rated ENISA training with 4,4 out of 5 points


ENISA 8th annual workshop 'CERTs in Europe' - Part II

• 2 scenarios from ENISA CERT training/exercise material presented by ENISA trainers

– Presenting, correlating and filtering various feeds

– Identifying and handling of electronic evidence


Recommendations

• Online training material, and handing out material for self-study is good, but…

• Talking with each other actually is useful

• People who have created or worked together tend to cooperate in the future

• Every training is a performance and every trainer is an actor


Methodology of ENISA training

• Trainers can come on-site

• Each training is tailored to fulfil the needs of this specific event and audience


Thank you for your attention!


Contact details

European Union Agency for Network and Information Security
Science and Technology Park of Crete
P.O. Box 1309
71001 Heraklion, Crete, Greece
http://www.enisa.europa.eu