ENOC (Ednon NEXT Operations Center) is our Security Operations Center (SOC) and where our computer security incident response team (CSIRT) operates.
It is certified under the National Security Scheme (ENS) and under UNE-ISO 27001: 2014 (Information Security Management System).
ENOC-CSIRT is a private CSIRT dedicated to provide services to public and private organizations, and it is created by mandate of the EDNON manadgement with the mission of providing security services and protecting the information systems of the different departments of the organization and clients external to it, both being here in after referred to as the beneficiaries, in the event of security incidents that could affect the integrity, confidentiality or accessibility of the data and / or damage the operations or reputation of those affected.
To achieve these objectives, ENOC-CSIRT performs, among others, the following tasks:
To achieve these objectives, ENOC-CSIRT adheres since its creation to the following values:
The services provided by ENOC-CSIRT are directed to all EDNON internal departments and to external company organizations subscribed to them.
ENOC-CSIRT is part of the EDNON S.L. operations group. It also maintains contact with different CSIRTs and related organizations from Spain, Europe and Latin America.
ENOC-CSIRT operates, within EDNON S.L., under the authority of our Head of Information Security and the company’s Management.
Regarding its external clients, ENOC-CSIRT acts as an advisor to the security teams of those clients and doesn’t have authority over them. Therefore, the implementation of the provided recommendations will be exclusively responsibility of the client.
All the services provided can be consulted in the descriptive document of the service: RFC 2350 ENOC-CSIRT (rfc2350_enoc-csirt.pdf).
ENOC-CSIRT uses the e-mail address firstname.lastname@example.org and the following PGP key for communications related to incident management:
Name: ENOC-CSIRT incidents
Fingerprint: 2E0F 80F8 A08F 4801 B558 F483 6ED9 AD2C 6D24 B356
For administrative communications, the email address email@example.com associated with the following PGP key is used:
Name: ENOC-CSIRT Team
Fingerprint: 7301 6FC9 C4D7 8CA0 1221 271D 067E ACDC 7D39 82AB
These keys are available on public PGP key servers.
PGP encryption must be used in all email communications that require it due to its level of confidentiality.
ENOC-CSIRT RFC 2350 document has been signed with PGP signature corresponding to the address firstname.lastname@example.org.
Signature file accesible at: rfc2350_enoc-csirt.pdf