CSIRT description of BINCONF CDC, The SOC powered by Binary Confidence, s. r. o.

  1. ABOUT THIS DOCUMENT
    This document contains a description of the BINCONF CDC according to RFC 2350. It provides basic information about the BINCONF CDC and the ways it can be contacted, and describes its responsibilities and the services it offers.
    1. DATE OF LAST UPDATE
      This is version 1.1 of 2018/08/03.
    2. DISTRIBUTION LIST FOR NOTIFICATIONS
      There is no distribution list for notifications.
    3. LOCATIONS WHERE THIS DOCUMENT MAY BE FOUND
      The current version of this document is available at https://www.binaryconfidence.com/rfc2350
  2. CONTACT INFORMATION
    1. NAME OF THE TEAM
      BINCONF CDC
    2. ADDRESS
      Binary Confidence, s. r. o.
      Špitálska
      811 01 Bratislava
      Slovak Republic
    3. TIME ZONE
      CET, Central European Time (UTC+1, from the last Sunday in October to the last Saturday in March)
      CEST, Central European Summer Time (UTC+2, from the last Sunday in March to the last Saturday in October)
    4. TELEPHONE NUMBER
      +421 2 321 999 80
    5. FACSIMILE NUMBER
      Not available
    6. OTHER TELECOMMUNICATION
      Not available
    7. ELECTRONIC MAIL ADDRESS
      For incident reports, please use the address cdc@binconf.com
      For messages not related to incidents, please use the address info@binconf.com
    8. PUBLIC KEYS AND ENCRYPTION INFORMATION
      PGP/GnuPG is supported for secure communication. For incident-related communication, you can use this key:

      Binconf CDC PGP Key ID: BB517675
      <cdc@binconf.com>
      Binconf CDC PGP Key Fingerprint: D283F0836A31682BBB8BBB4D44951A86BB517675

    9. TEAM MEMBERS

      Ján Andraško – Operations manager
      jan.andrasko@binconf.com

      PGP key ID: 838871A2
      <jan.andrasko@binconf.com>
      PGP Key Fingerprint: BE2AFC6C896E40ADEFBC5765EC4D92DC838871A2

      A full list of BINCONF CDC team members is not publicly available. Team members will identify themselves to the reporting party with their full name in an official communication regarding an incident.

    10. OTHER INFORMATION
      General information about the BINCONF CDC can be found at https://www.binaryconfidence.com
    11. POINTS OF CUSTOMER CONTACT
      The preferred method for contacting BINCONF CDC is via e-mail.
      Incident reports and related issues should be sent to the address cdc@binconf.com. For general questions please send an e-mail to info@binconf.com.

      If it is not possible (or not advisable for security reasons) to use e-mail, the BINCONF CDC can be reached on the emergency telephone number +421 917 755 683.

      Days/Hours of Operation: 09:00 to 17:00 Monday to Friday.

  3. CHARTER
    1. MISSION STATEMENT
      The BINCONF CDC team aims to help the information infrastructure of its clients and partners. BINCONF CDC also handles incidents that originate in networks provided by its clients and are reported to the team by any person or institution.
    2. CONSTITUENCY
      The BINCONF CDC constituency consists primarily of clients of Binary Confidence, s. r. o. We provide our clients with 24/7 remote IT security monitoring, defense and security incident handling.
    3. SPONSORSHIP AND/OR AFFILIATION
      BINCONF CDC is part of Binary Confidence, s. r. o.
    4. AUTHORITY
      BINCONF CDC is provided by Binary Confidence, s. r. o., officially formed in May 2014. BINCONF CDC does its best to cooperate with clients and other CSIRT teams in the Slovak Republic.
  4. POLICIES
    1. TYPES OF INCIDENTS AND LEVEL OF SUPPORT
      BINCONF CDC provides an incident handling service for IP ranges assigned to Binary Confidence, s. r. o. and its clients.
      The level of support given by BINCONF CDC depends on the type and severity of the incident and the type of constituent. The priority of an incident is based on its apparent severity.
      End users of a client network are expected to contact their network/system/service administrator for assistance.
      No support will be given to the end users.
      BINCONF CDC is committed to keeping its constituency informed of potential vulnerabilities, and where possible, will inform this community of such vulnerabilities before they are actively exploited.
    2. CO-OPERATION, INTERACTION AND DISCLOSURE OF INFORMATION
      BINCONF CDC cooperates with other CSIRTs that are members of TF-CSIRT and also exchanges all necessary information with affected network/service administrators. All sensitive data and information are handled confidentially by BINCONF CDC, regardless of priority. This information is communicated and stored in a secure environment. Information will only be distributed further to other teams and members on a need-to-know basis, and preferably in an anonymized fashion.
    3. COMMUNICATION AND AUTHENTICATION
      E-mail and telephone are used for normal communication in BINCONF CDC. Secured, PGP-encrypted communication is used to send highly sensitive data.
  5. SERVICES
    1. INCIDENT RESPONSE
      BINCONF CDC will handle the technical and organizational aspects of incidents. In particular, it will provide assistance or advice with respect to the following aspects of incident management:
      1. INCIDENT TRIAGE
        Determining whether an incident is authentic.
        Determining the incident extent and priority.
        Assessing and prioritizing the incident.
      2. INCIDENT COORDINATION
        Determine the involved organizations.
        Contact the involved parties to investigate the incident and take the appropriate steps.
        Facilitate contact to other parties which can help resolve the incident.
        Facilitate contact with other sites which may be involved.
        Facilitate contact with appropriate law enforcement officials, if necessary.
      3. INCIDENT RESOLUTION
        Providing advice to the local security teams on appropriate actions.
        Follow up on the progress of the concerned local security teams.
        Provide assistance in evidence collection and data interpretation. Sharing all important information with constituents and partners.
    2. PROACTIVE ACTIVITIES
      BINCONF CDC provides its clients with proactive services in the area of warnings and alerts.
      BINCONF CDC also tries to raise security awareness in its constituency.
  6. INCIDENT REPORTING FORMS
    There is no required form or format for reporting incidents to BINCONF CDC.
  7. DISCLAIMERS
    While every precaution will be taken in the preparation of information, notifications and alerts, BINCONF CDC assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.