ENOC-CSIRT

ENOC (Ednon NEXT Operations Center) is our Security Operations Center (SOC) and where our computer security incident response team (CSIRT) operates.

It is certified under the National Security Scheme (ENS) and under UNE-ISO 27001: 2014 (Information Security Management System).

Why choose EDNON’s SOC service?

Choosing a SOC provider is a key decision that must be carried out conscientiously as it will be an extension of your security team, and will be responsible in many cases for tasks such as threat detection, coordination and execution of incident response, etc. The EDNON SOC-CSIRT highlights the following key aspects:

  • SOC technology support. EDNON’s SOC uses proven and mature technologies, many of them commercial, that deliver value from the start and deploy and implement quickly, including automation and orchestration (SOAR) functions, and behavior analysis technologies (for example, through UEBA, etc.), among others.
  • Focus on your business. Although the SOC service has a baseline to ensure that all customers are served with a certain quality standard, the development of the SOC will revolve around the specific needs of the client organization, in a way that will provide specialized and knowledgeable people of your customer’s IT systems, processes, compliance requirements and security objectives. It is an extension of the customer’s team and will work specifically to meet customer objectives, with specific alarms and detections for your organization.
  • Maturity of their processes. Often organizations prioritize in technologies rather than people and processes. However, this is a wrong approach, as processes are the right tool to fill the gaps between technology and people. The EDNON SOC has mature processes that allow to obtain metrics and indicators for the continuous improvement of the service.
  • Competitiveness in the supply to market of service packages. Both the design of the service, the organization of the service, or the selection of technologies, for example, are aimed at the customer to perceive and obtain, objectively, more value for less cost than other offers in the market.
  • Contrasted experience. EDNON has promoted the creation of the SOC-CSIRT to position it as one of the best SOC teams specialized in Response to Security Incidents (Blue Team) of the national territory. This has led him to invest in the hiring of analysts and technicians specialized in cyberdefense with extensive experience in national and international SOCs that accumulate more than 25 years of experience.
  • Proximity. One focus of EDNON’s business strategy has always been to offer a professional and close treatment to its customers, caring for their needs and concerns. Choosing the EDNON SOC service ensures a flexibility and special sensitivity of the service to your concerns and objectives, allowing you to customize the service to some degree, and not only obtain a standardized service and equal treatment for all customers, as with many SOC services of large or multinational companies.

Our mission

ENOC-CSIRT is a private CSIRT dedicated to provide services to public and private organizations, and it is created by mandate of the EDNON manadgement with the mission of providing security services and protecting the information systems of the different departments of the organization and clients external to it, both being hereinafter referred to as the beneficiaries, in the event of security incidents that could affect the integrity, confidentiality or accessibility of the data and / or damage the operations or reputation of those affected.

Para lograr estos objetivos ENOC-CSIRT realiza, entre otras, las siguientes tareas:

  • Data collection and analysis from different available sources regarding to new vulnerabilities and threats.
  • Communication to the beneficiaries of the generated intelligence that is relevant to their context of operations.
  • Distribution with other response centers of technical information on incidents to improve a joint response.
  • Proactive and preventive tasks to improve the safety of the beneficiaries.
  • Monitoring of security events and incident detection.
  • Support to beneficiaries in the coordination and management of responses to security incidents that could affect them.

To achieve these objectives, ENOC-CSIRT adheres since its creation to the following values:

  • > Compliance with legal regulations applicable to the services provided.
  • Application of the best practices commonly recognized in the sector, adhering and taking as reference for its operations the CSIRT Code of Practice version 2.4, available at https://www.trusted-introducer.org/TI-CCoP.pdf.
  • > Establishment of strict ethical behavior requirements and confidentiality requirements for all personnel belonging to the service.
  • Promote the use of good practices.
  • Proportion of effective and efficient response in the event of incidents.
  • Definition and execution of continuous quality and safety audits on the services provided, taking methodologies and standards commonly recognized in the sector as references for them.
  • Regular creation and maintenance of communication processes, as well as evaluation of the needs of the internal and external users of our services, with a continuous improvement process.

Demarcation

The services provided by ENOC-CSIRT are directed to all EDNON internal departments and to external company organizations subscribed to them.

Membership

ENOC-CSIRT is part of the EDNON S.L. operations group. It also maintains contact with different CSIRTs and related organizations from Spain, Europe and Latin America.

pixlr-bg-result(1)
logo CSIRT
RNS logo

Authority

ENOC-CSIRT operates, within EDNON S.L., under the authority of our Head of Information Security and the company’s Management.

Regarding its external clients, ENOC-CSIRT acts as an advisor to the security teams of those clients and doesn’t have authority over them. Therefore, the implementation of the provided recommendations will be exclusively responsibility of the client.

All the services provided can be consulted in the descriptive document of the service: RFC 2350 ENOC-CSIRT (rfc2350_enoc-csirt.pdf).

Communications: public keys and encryption

El ENOC-CSIRT emplea para las comunicaciones relacionadas con gestión de incidentes la dirección de e-mail csirt@ednon.es y la siguiente clave PGP:

Nombre: ENOC-CSIRT incidents <csirt@ednon.es>

Fingerprint: 07FD 02D5 0DD3 F3B9 CBAE 2C3F C08C 6FA8 52AF 9281

Para comunicaciones administrativas se emplea la dirección de e-mail enoc_csirt@ednon.es asociada a la siguiente clave PGP:

Nombre: ENOC-CSIRT Team <enoc_csirt@ednon.es>

Key ID: 0x067EACDC7D3982AB

Fingerprint: 6198 77B2 3D02 B898 191C 76D1 7774 15EC 4FB7 B357

Estas claves se encuentran disponibles en servidores públicos de claves PGP.

El cifrado PGP debe ser empleado en todas las comunicaciones por correo electrónico que, dado su nivel de confidencialidad, así lo requieran.

El fichero de firma se encuentra accesible a continuación: rfc2350_enoc-csirt.pdf