• Posted 20-Jan-2020

Open platform and tools to facilitate the collaboration among Computer Security Incident Response Teams

On the 15th of January 2020, the European Commission kicked off two projects to build Cybersecurity capacity and strengthen the collaboration on Cyber threats and incidents in the EU.

These are public procurements, within the cybersecurity objective of the Connecting Europe Facility (CEF)-telecoms programme, which were awarded further to open calls for tenders.

Collaboration among European Computer Security Incident Response Teams (CSIRTs) has become essential in Europe’s Cybersecurity strategies.

Recently, the European Commission has selected a tender for funding under the call “Connecting Europe Facility – Cybersecurity Digital Service Infrastructure Maintenance and Evolution of Core Service Platform Cooperation Mechanism for CSIRTs – MeliCERTes Facility” (SMART 2018/1024).

The winner is a strong consortium stemming from the CSIRTs community.  Poland’s national Computer Emergency Response Team (NASK/CERT.pl) will coordinate the work of the consortium supported by four partners, the Austrian Computer Emergency Response Team (nic.at/CERT.at), the Estonian Information System Authority (CERT.EE), the Computer Incident Response Center Luxembourg (CIRCL) and Deloitte. They will work together to further develop and maintain the MeliCERTes platform offering sustainable services and collaboration tools to EU CSIRTs.

Building on the services provided by the initial MeliCERTes platform and now hosted by the EU Cybersecurity Agency, ENISA, the new grant will cover:

  • The implementation of a collection of open source tools used, developed and maintained by the CSIRTs themselves, with the primary goal of providing services for their own constituency.
  • Improvement of the existing foundation as bootstrapped in MeliCERTes into long-term maintainable and a more operationalised platform, meant to support the cooperation efforts within the CSIRTs Network.
  • Apart from maintenance and development of the key components of MeliCERTes, such as MISP and IntelMQ, fresh ideas for tooling will be incorporated during the project, for example vulnerability management and disclosure, large-scale malware storage or leak analysis and detection capabilities.

A special emphasis will be put on ensuring that the needs and requirements of newer CSIRTs will be addressed. The consortium is composed of four members of the CSIRTs Network, which have a proven track record of both building new tooling and maintaining software over the long-term, such as CERT.at, CERT.PL, CIRCL and CERT EE.

This 3 years grant receives a funding of 2 million EUR by the EU. It will be carried out in close collaboration with ENISA, the EU Agency for Cybersecurity is hosting the central node of the MeliCERTes facility. It builds on the outcomes of SMART 2015/1089 that developed the MeliCERTes core platform.

Source: European Commission Digital Single Market News (http://bit.ly/2NrtMx8)