CSIRT description of BINCONF CDC

The SOC powered by Binary Confidence, s. r. o.

1/ ABOUT THIS DOCUMENT

This document contains a description of the BINCONF CDC in accordance with RFC 2350. It provides basic information about the BINCONF CDC and the ways it can be contacted, and describes its responsibilities and the services offered.

1.1/ DATE OF LAST UPDATE

This is version 1.1 of 2018/08/03.

1.2/ DISTRIBUTION LIST FOR NOTIFICATIONS

There is no distribution list for notifications.

1.3/ LOCATIONS WHERE THIS DOCUMENT MAY BE FOUND

The current version of this document is available at https://www.binaryconfidence.com/rfc2350

2/ CONTACT INFORMATION

2.1/ NAME OF THE TEAM

BINCONF CDC

2.2/ ADDRESS

Binary Confidence, s. r. o.
Špitálska
811 01 Bratislava
Slovak Republic

2.3/ TIME ZONE

CET, Central European Time (UTC+1, from the last Sunday in October to the last Saturday in March)
CEST, Central European Summer Time (UTC+2, from the last Sunday in March to the last Saturday in October)

2.4/ TELEPHONE NUMBER

+421 2 321 999 80

2.5/ FACSIMILE NUMBER

Not available

2.6/ OTHER TELECOMMUNICATION

Not available

2.7/ ELECTRONIC MAIL ADDRESS

For incident reports, please use the address cdc@binconf.com
For non-incident-related messages, please use info@binconf.com

2.8/ PUBLIC KEYS AND ENCRYPTION INFORMATION

PGP/GnuPG is supported for secure communication. For incident-related communication, you can use this key:

Binconf CDC PGP Key ID: BB517675
<cdc@binconf.com>
Binconf CDC PGP Key Fingerprint: D283F0836A31682BBB8BBB4D44951A86BB517675

2.9/ TEAM MEMBERS

Ján Andraško – Operations manager
jan.andrasko@binconf.com

PGP key ID: 838871A2
<jan.andrasko@binconf.com>
PGP Key Fingerprint: BE2AFC6C896E40ADEFBC5765EC4D92DC838871A2

A full list of BINCONF CDC team members is not publicly available. Team members will identify themselves to the reporting party with their full name in an official communication regarding an incident.

2.10/ OTHER INFORMATION

General information about the BINCONF CDC can be found at https://www.binaryconfidence.com

2.11/ POINTS OF CUSTOMER CONTACT

The preferred method for contacting BINCONF CDC is via e-mail.
Incident reports and related issues should be sent to the address cdc@binconf.com. For general questions please send an e-mail to info@binconf.com.

If it is not possible (or not advisable for security reasons) to use e-mail, the BINCONF CDC can be reached on the emergency telephone number +421 917 755 683.

Days/Hours of Operation: 09:00 to 17:00 Monday to Friday.

3/ CHARTER

3.1/ MISSION STATEMENT

The BINCONF CDC team aims to help the information infrastructure of its clients and partners. BINCONF CDC also handles incidents that originate in networks provided by its clients and are reported to the team by any person or institution.

3.2/ CONSTITUENCY

The BINCONF CDC constituency is primarily the clients of Binary Confidence, s. r. o. We provide our clients with 24/7 remote IT security monitoring, defense and security incident handling.

3.3/ SPONSORSHIP AND/OR AFFILIATION

BINCONF CDC is part of Binary Confidence, s. r. o.

3.4/ AUTHORITY

BINCONF CDC is provided by Binary Confidence, s. r. o., officially formed in May 2014. BINCONF CDC does its best to cooperate with clients and other CSIRT teams in the Slovak Republic.

4/ POLICIES

4.1/ TYPES OF INCIDENTS AND LEVEL OF SUPPORT

BINCONF CDC provides an incident handling service for IP ranges assigned to Binary Confidence, s. r. o. and its clients.
The level of support given by BINCONF CDC depends on the type and severity of the incident and the type of constituent. The priority of an incident is based on its apparent severity.
End users of client networks are expected to contact their network/system/service administrator for assistance.
No support will be given to end users.
BINCONF CDC is committed to keeping its constituency informed of potential vulnerabilities and, where possible, will inform this community of such vulnerabilities before they are actively exploited.

4.2/ CO-OPERATION, INTERACTION AND DISCLOSURE OF INFORMATION

BINCONF CDC cooperates with other CSIRTs that are members of TF-CSIRT and exchanges all necessary information with them as well as with affected network/service administrators. All sensitive data and information are handled confidentially by BINCONF CDC, regardless of their priority. This information is communicated and stored in a secure environment. Information will only be distributed further to other teams and members on a need-to-know basis, and preferably in an anonymized fashion.

4.3/ COMMUNICATION AND AUTHENTICATION

E-mail and telephone are used for normal communication in BINCONF CDC. Secured (PGP-encrypted) communication is used to send highly sensitive data.

5/ SERVICES

5.1/ INCIDENT RESPONSE

BINCONF CDC will handle the technical and organizational aspects of incidents. In particular, it will provide assistance or advice with respect to the following aspects of incident management:

5.1.1/ INCIDENT TRIAGE

Determining whether an incident is authentic.
Determining the incident extent and priority.
Assessing and prioritizing the incident.

5.1.2/ INCIDENT COORDINATION

Determine the involved organizations.
Contact the involved parties to investigate the incident and take the appropriate steps.
Facilitate contact to other parties which can help resolve the incident.
Facilitate contact with other sites which may be involved.
Facilitate contact with appropriate law enforcement officials, if necessary.

5.1.3/ INCIDENT RESOLUTION

Providing advice to the local security teams on appropriate actions.
Follow up on the progress of the concerned local security teams.
Provide assistance in evidence collection and data interpretation.
Sharing all important information with constituents and partners.

5.2/ PROACTIVE ACTIVITIES

BINCONF CDC provides its clients with proactive services in the area of warnings and alerts.
BINCONF CDC also tries to raise security awareness in its constituency.

6/ INCIDENT REPORTING FORMS

There is no required format of forms for reporting incidents to BINCONF CDC.

7/ DISCLAIMERS

While every precaution will be taken in the preparation of information, notifications and alerts, BINCONF CDC assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.