Contact
EDNON Support
 

ENOC-CSIRT

ENOC (Ednon NEXT Operations Center) is our Security Operations Center (SOC) and where our computer security incident response team (CSIRT) operates.

It is certified under the National Security Scheme (ENS) and under UNE-ISO 27001: 2014 (Information Security Management System).

Our mission

ENOC-CSIRT is a private CSIRT dedicated to provide services to public and private organizations, and it is created by mandate of the EDNON manadgement with the mission of providing security services and protecting the information systems of the different departments of the organization and clients external to it, both being here in after referred to as the beneficiaries, in the event of security incidents that could affect the integrity, confidentiality or accessibility of the data and / or damage the operations or reputation of those affected.

To achieve these objectives, ENOC-CSIRT performs, among others, the following tasks:

  • Data collection and analysis from different available sources regarding to new vulnerabilities and threats.
  • Communication to the beneficiaries of the generated intelligence that is relevant to their context of operations.
  • Distribution with other response centers of technical information on incidents to improve a joint response.
  • Proactive and preventive tasks to improve the safety of the beneficiaries.
  • Monitoring of security events and incident detection.
  • Support to beneficiaries in the coordination and management of responses to security incidents that could affect them.

To achieve these objectives, ENOC-CSIRT adheres since its creation to the following values:

  • Compliance with legal regulations applicable to the services provided.
  • Application of the best practices commonly recognized in the sector, adhering and taking as reference for its operations the CSIRT Code of Practice version 2.4, available at https://www.trusted-introducer.org/TI-CCoP.pdf.
  • Establishment of strict ethical behavior requirements and confidentiality requirements for all personnel belonging to the service.
  • Promote the use of good practices.
  • Proportion of effective and efficient response in the event of incidents.
  • Definition and execution of continuous quality and safety audits on the services provided, taking methodologies and standards commonly recognized in the sector as references for them.
  • Regular creation and maintenance of communication processes, as well as evaluation of the needs of the internal and external users of our services, with a continuous improvement process.

Demarcation

The services provided by ENOC-CSIRT are directed to all EDNON internal departments and to external company organizations subscribed to them.

Membership

ENOC-CSIRT is part of the EDNON S.L. operations group. It also maintains contact with different CSIRTs and related organizations from Spain, Europe and Latin America.

Our SOC CSIRT is a member of the TF-CSIRT (Trusted Introducer) forum, the main European forum for Incident Response and Information Security Teams. The Trusted Introducer Service was established by the European CERT community in 2000 to address common needs and build a service infrastructure providing vital support for all security and incident response teams. The Trusted Introducer Service forms the trusted backbone of infrastructure services and serves as clearinghouse for all security and incident response teams. It lists well known teams and accredits as well as certify teams according to their demonstrated and checked level of maturity. Vital member’s only services enabling security and incident response teams to interact more efficiently and effectively with each other are available to all accredited and certified teams.

pixlr-bg-result(1)

Authority

ENOC-CSIRT operates, within EDNON S.L., under the authority of our Head of Information Security and the company’s Management.

Regarding its external clients, ENOC-CSIRT acts as an advisor to the security teams of those clients and doesn’t have authority over them. Therefore, the implementation of the provided recommendations will be exclusively responsibility of the client.

All the services provided can be consulted in the descriptive document of the service: RFC 2350 ENOC-CSIRT (rfc2350_enoc-csirt.pdf).

Communications: public keys and encryption

ENOC-CSIRT uses the e-mail address csirt@ednon.com and the following PGP key for communications related to incident management:

Name: ENOC-CSIRT incidents <csirt@ednon.com>

Key ID: 0x6ED9AD2C6D24B356

Fingerprint: 2E0F 80F8 A08F 4801 B558 F483 6ED9 AD2C 6D24 B356

For administrative communications, the email address enoc_csirt@ednon.com associated with the following PGP key is used:

Name: ENOC-CSIRT Team <enoc_csirt@ednon.com>

Key ID: 0x067EACDC7D3982AB

Fingerprint: 7301 6FC9 C4D7 8CA0 1221 271D 067E ACDC 7D39 82AB

These keys are available on public PGP key servers.

PGP encryption must be used in all email communications that require it due to its level of confidentiality.

ENOC-CSIRT RFC 2350 document has been signed with PGP signature corresponding to the address enoc_csirt@ednon.com.

Signature file accesible at: rfc2350_enoc-csirt.pdf