sirios the framework for certs
play

SIRIOS the Framework for CERTs Thomas Klingmller Federal Office - PowerPoint PPT Presentation

Sep 04, 2023 •461 likes •661 views

SIRIOS the Framework for CERTs Thomas Klingmller Federal Office for Information Security (BSI) Germany 17th FIRST Conference 2005 - Singapore June 26 July 1, 2005 Abstract SIRIOS Framework for CERTs BSI and CERT-Bund J SIRIOS

  1. SIRIOS the Framework for CERTs Thomas Klingmüller Federal Office for Information Security (BSI) Germany 17th FIRST Conference 2005 - Singapore June 26 – July 1, 2005

  2. Abstract SIRIOS – Framework for CERTs BSI and CERT-Bund J SIRIOS – What it is J SIRIOS – Features J SIRIOS – Modules J Incident tracking J Vulnerabilities J Further modules J Download and installation – Where to get it J SIRIOS at CERT-Bund J Questions J Thomas Klingmüller 29.06.2005 Slide 2

  3. Framework for CERTs SIRIOS – S ystem for I ncident R esponse i n O perational S ecurity SIRIOS � Internal ticket handling and tracking for CERTs � Role based workflows for ticket handling � Processing of vulnerability and incident information � Incident tracking � Authoring and publishing system for advisories � Databases for vulnerability information and artifacts � Cryptographic support Thomas Klingmüller 29.06.2005 Slide 3

  4. SIRIOS - Ticket � Ticket-ID � (Un-)Lock � From / To � Status � Subject � Contact Information � Owner � Notes � History � Print-Preview � Queue � Krypto-Info � Age � Links � Content � Escalation status Thomas Klingmüller 29.06.2005 Slide 4

  5. Role based workflows user role group queue Rollen User Advisory Incident Hotliner Coordination Administrator Overview Handler Handler Friday Robinson Crocodile Thomas Klingmüller 29.06.2005 Slide 5

  6. SIRIOS - Features � Multilanguage support via preconfigured templates � Platform independent � Free Open Source Software – GPL* � Designed with security in mind � External enhancement: SIRIOS Networks � Internal enhancement: modular design *GNU General Public License ( GPL ) Thomas Klingmüller 29.06.2005 Slide 6

  7. SIRIOS - Modules � Incident tracking � Authoring Advisories � Import and export of information using well known standards � Checking signatures, encryption, decryption � Vulnerability database � Artifact database � Contact database � Monitoring of web sites � Administration GUI � Multilanguage template based � Paket manager Thomas Klingmüller 29.06.2005 Slide 7

  8. Incidents: Incoming day-to-day CERT Business SIRIOS - Features � mail handling � Filtered inboxes with automated triage � telephone hotline � Telephone to database – � Incident reporting with templates � automated alerts and � Role based incident tracking statistics � IODEF interface � IDMEF interface Thomas Klingmüller 29.06.2005 Slide 8

  9. Incidents: processing day-to-day CERT Business with SIRIOS � Several tools � central incident – module � text-editor � Incident tracking � command line � artifact – database � Multiple data sources � Sourcecode / binaries � online information � Logs � databases � Any files � email � central vulnerability – database � paper � Manual input � OSVDB objects � CVE objects � contact - database Thomas Klingmüller 29.06.2005 Slide 9

  10. Incidents: Outgoing day-to-day CERT Business with SIRIOS � Text-editor � Incident – module � Anonymising dataobjects � Mail � Pseudonymising dataobjects � exchange with IODEF � IODEF -> xml-file � IDMEF -> xml-file � IODEF+IDMEF -> xml-file Thomas Klingmüller 29.06.2005 Slide 10

  11. Vulnerabilities: Incoming day-to-day CERT Business with SIRIOS � Maillinglists � Role based advisory handling � Browser � Workflow-management � Mail � Archivierung aller � Telephone Maillinglisten � Multilanguage - templates Thomas Klingmüller 29.06.2005 Slide 11

  12. Vulnerabilities: Processing day-to-day CERT Business with SIRIOS � Text – editor � Self – developed databases � Advisory – module � Internet � Template - GUI for Advisories � � Virus – alarm/warning � Admin – information � Quality - check � Artifact – database � Source code � files � Central vulnerability database � Vulner. –numbers � Risk-level � OSVDB / CVE Thomas Klingmüller 29.06.2005 Slide 12

  13. Vulnerabilities: Outgoing day-to-day CERT Business with SIRIOS � PGP – tools � Different advisory formats � Long – advisories � S/MIME – tools � Short – advisories � Mail-server � Virus – alarm/warning � Admin – information � Signing and/or encryption of outgoing information � Export in EISPP/DAF Thomas Klingmüller 29.06.2005 Slide 13

  14. in action Thomas Klingmüller 29.06.2005 Slide 14

  15. SIRIOS at CERT-Bund � Platform – NetBSD 1.6.2 � MySQL � Apache 2.0 � Perl � Two Systems in Master-Slave mode � Load-balancing � Systemmonitoring with mon � Full – Backup � Wrapper – interface for maillinglist-server, webserver (cms) Thomas Klingmüller 29.06.2005 Slide 15

  16. SIRIOS at CERT-Bund II ipf load balancing ipf load balancing SIRIOS SIRIOS Wrapper Webserver Webserver Backup Database Database Mail - Archive Thomas Klingmüller 29.06.2005 Slide 16

  17. Installations – Where to get it � Source: � www.sirios.org ( and maillinglists) � www.cert-verbund.de/sirios/ � Projectteam � CERT-Bund � Thomas Klingmüller, � Tillmann Werner � Helping hand � Siemens CERT, Germany � DFN-CERT, Germany � PRE-CERT, Germany � OTRS GMBH, Germany Thomas Klingmüller 29.06.2005 Slide 17

  18. Kontakt Federal Office for Information Security (BSI) Germany Thomas Klingmüller Section I 2.1 – CERT-Bund Godesberger Allee 185-189 53175 Bonn Tel: +49 (0)1888 9582-561 Fax: +49 (0)1888 9582-90-561 thomas.klingmueller@bsi.bund.de http://www.bsi.bund.de http://www.cert-bund.de Thomas Klingmüller 29.06.2005 Slide 18

Recommend

Schroder GAIA Sirios US Equity January 2014 January 2014 | For professional investors or

Schroder GAIA Sirios US Equity January 2014 January 2014 | For professional investors or

Schroder GAIA Sirios US Equity January 2014 January 2014 | For professional investors or advisers only. John Brennan Track Record 28 years investment experience Co-founded Sirios in 1999. Prior to Sirios John was Senior Vice President at

475 views • 19 slides
Selective Logs Log all the certs! A log server indicates which CAs it supports

Selective Logs Log all the certs! A log server indicates which CAs it supports

Selective Logs Log all the certs! A log server indicates which CAs it supports Implied that (almost) all certs from those CAs are logged not all Its not required What should we do, if anything?

328 views • 3 slides
rfc4474bis + PASSporT + certs IETF 98 (Chicago) STIR WG The good news Were done, pretuy

rfc4474bis + PASSporT + certs IETF 98 (Chicago) STIR WG The good news Were done, pretuy

rfc4474bis + PASSporT + certs IETF 98 (Chicago) STIR WG The good news Were done, pretuy much Past IESG review, ballot cleared (!) Stjll a litule cleanup to do, mostly on certs Last minute fjxes Synchronizatjon across drafus

426 views • 23 slides
Automated Reliability Reports (ARR) CERTS I ndustry Leaders Council Meeting By: Mahmood

Automated Reliability Reports (ARR) CERTS I ndustry Leaders Council Meeting By: Mahmood

Automated Reliability Reports (ARR) CERTS I ndustry Leaders Council Meeting By: Mahmood Mirheidar - FERC Carlos Martinez CERTS/EPG Washington D. C. May 13, 2009 Automated Reliability Reports (ARR) Presentation Overview Automated

161 views • 15 slides
Overview of CCA & EV Resources Peter Lindstrom, Clean Energy Resource Teams (CERTs)

Overview of CCA & EV Resources Peter Lindstrom, Clean Energy Resource Teams (CERTs)

Overview of CCA & EV Resources Peter Lindstrom, Clean Energy Resource Teams (CERTs) Diana McKeown, Great Plains Institute/CERTs About Cities Charging Ahead (CCA) About Cities Charging Ahead! Peer cohort of 28 cities working together

331 views • 20 slides
CERTs and Digital Forensics: The Need for Security Collaborations Among Regions Dr. Soranun

CERTs and Digital Forensics: The Need for Security Collaborations Among Regions Dr. Soranun

CERTs and Digital Forensics: The Need for Security Collaborations Among Regions Dr. Soranun Jiwasurat Division Director, Office of Security, ETDA 1 ThaiCERT: A Quick Glance A government funded unit, established in 2000 The first and

654 views • 22 slides
SSL/TLS OpenSSL OpenSSL is a very common SSL/TLS library Written in C Wrappers exist

SSL/TLS OpenSSL OpenSSL is a very common SSL/TLS library Written in C Wrappers exist

SSL/TLS OpenSSL OpenSSL is a very common SSL/TLS library Written in C Wrappers exist for many languages Can be used for many encryption needs Generating keys Signing certs Validating certs We'll use OpenSSL in the

287 views • 6 slides
1 Certificates /etc/ssl/certs $ cat GlobalSign_Root_CA.pem -----BEGIN TRUSTED CERTIFICATE-----

1 Certificates /etc/ssl/certs $ cat GlobalSign_Root_CA.pem -----BEGIN TRUSTED CERTIFICATE-----

1 Certificates /etc/ssl/certs $ cat GlobalSign_Root_CA.pem -----BEGIN TRUSTED CERTIFICATE----- MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv

213 views • 7 slides
Low-Cost Strategies for Reducing Energy Use CERTS October 2018 Bemidji 4th Mayors Monarch

Low-Cost Strategies for Reducing Energy Use CERTS October 2018 Bemidji 4th Mayors Monarch

Low-Cost Strategies for Reducing Energy Use CERTS October 2018 Bemidji 4th Mayors Monarch Pledge Pollinator Gardens How can my city reduce energy use and save money? Answer: GESP Guaranteed Energy Savings Program GESP

636 views • 17 slides
Putting private and government CERTs to the test Stefan Frei, Martin May ETH Zurich:

Putting private and government CERTs to the test Stefan Frei, Martin May ETH Zurich:

Putting private and government CERTs to the test Stefan Frei, Martin May ETH Zurich: http://www.csg.ethz.ch Paper download: http://www.techzoom.net/risk ETH Zurich - Stefan Frei, Martin May - 20 th Annual FIRST Conference 2008 - Vancouver -

723 views • 35 slides
EduCarbon Minnesota Student Energy Project Thank you CERTS We get to share our story. A

EduCarbon Minnesota Student Energy Project Thank you CERTS We get to share our story. A

EduCarbon Minnesota Student Energy Project Thank you CERTS We get to share our story. A Little Bit About Us Student-Founded Student-Led May 2008 Rochester Mayo High School Non-Profit February 2010 Mayo High School

584 views • 37 slides
Documentation on Record Review 1 Ineligibles Report: Client/ Miscellaneous/ Communication 2 1

Documentation on Record Review 1 Ineligibles Report: Client/ Miscellaneous/ Communication 2 1

10/16/2020 Documentation on Record Review 1 Ineligibles Report: Client/ Miscellaneous/ Communication 2 1 10/16/2020 3 Expiring S hort Certs Report Clinic/ Reports/ Participation/ Expiring S hort Certs Generate Report Review

391 views • 36 slides
Legal challenges to information sharing of national/governmental CERTs in Europe Silvia Portesi

Legal challenges to information sharing of national/governmental CERTs in Europe Silvia Portesi

Legal challenges to information sharing of national/governmental CERTs in Europe Silvia Portesi Silvia Portesi Neil Robinson Neil Robinson ENISA RAND Europe Agenda Importance of information sharing Policy background

593 views • 24 slides
Key rollover @RIPE NCC draft-ietf-sidr-res-certs-18#section-8 draft-huston-sidr-keyroll-00.txt

Key rollover @RIPE NCC draft-ietf-sidr-res-certs-18#section-8 draft-huston-sidr-keyroll-00.txt

RIPE Network Coordination Centre Key rollover @RIPE NCC draft-ietf-sidr-res-certs-18#section-8 draft-huston-sidr-keyroll-00.txt Tim Bruijnzeels IETF78 http://www.ripe.net 1 RIPE Network Coordination Centre Before rollover CA Issuer: TA

258 views • 13 slides
Play Framework One Web Framework to rule them all Felix Mller Agenda Yet another web

Play Framework One Web Framework to rule them all Felix Mller Agenda Yet another web

Play Framework One Web Framework to rule them all Felix Mller Agenda Yet another web framework? Introduction for Java devs Demo Summary Yet another web framework? Yet another web framework? Why do we need another web framework?

656 views • 31 slides
GCC VAT Framework 6 member state, GCC Framework expected to be released shortly Minimum turnover

GCC VAT Framework 6 member state, GCC Framework expected to be released shortly Minimum turnover

Are you VAT ready ! VAT Readiness Presentation 17 April 2017 This presentation is intended for MCA Clients only, consent should be obtained from MCA prior to further circulation and distribution. GCC VAT Framework 6 member state, GCC Framework

803 views • 24 slides
A Recareering Framework @fuzzing_panda A Recareering Framework 1. Framework a. Recon b.

A Recareering Framework @fuzzing_panda A Recareering Framework 1. Framework a. Recon b.

A Recareering Framework @fuzzing_panda A Recareering Framework 1. Framework a. Recon b. Vulnerability Analysis c. Exploitation 2. Life Hack 3. A word to the wise history | grep -v infosec history | grep -v infosec How did I recareer into

697 views • 21 slides
April 2009 Wes J. Lloyd 1 Framework Invasiveness Coupling between application code and

April 2009 Wes J. Lloyd 1 Framework Invasiveness Coupling between application code and

April 2009 Wes J. Lloyd 1 Framework Invasiveness Coupling between application code and framework code Use of framework functions/methods Use of framework specific data types Implementation of framework interfaces Extension of

605 views • 39 slides
Northeast Conservation h Framework Framework What is it and why do we need it? National LCC

Northeast Conservation h Framework Framework What is it and why do we need it? National LCC

Northeast Conservation h Framework Framework What is it and why do we need it? National LCC Workshop Denver CO Denver CO March 2012 Northeast Conservation Framework Framework History Context Future Future NA Landscape

635 views • 38 slides
CERT CERT Emergency Network Emergency Network G.A. van Malenstein G.A. van Malenstein R.P.

CERT CERT Emergency Network Emergency Network G.A. van Malenstein G.A. van Malenstein R.P.

CERT CERT Emergency Network Emergency Network G.A. van Malenstein G.A. van Malenstein R.P. Vloothuis R.P. Vloothuis Supervisor: J. Meijer Supervisor: J. Meijer Introduction Introduction Introduction to Introduction to CERTs CERTs

397 views • 14 slides
A Linear Logical A Linear Logical A Linear Logical Framework Framework Framework Iliano

A Linear Logical A Linear Logical A Linear Logical Framework Framework Framework Iliano

A Linear Logical A Linear Logical A Linear Logical Framework Framework Framework Iliano Cervesato - Frank Pfenning Department of Computer Science Carnegie Mellon University 11 th IEEE Symposium on Logic in Computer Science New

587 views • 30 slides
DPS framework DNSSEC Policy and Practice Statement framework

DPS framework DNSSEC Policy and Practice Statement framework

DPS framework DNSSEC Policy and Practice Statement framework draft-ietf-dnsop-dnssec-dps-framework-01 !"#$" Authors Fredrik Ljunggren, Kirei AB Anne-Marie Eklund Lwinder, .SE Tomofumi Okubo, VeriSign !"#$" Kirei AB 10

236 views • 10 slides
What is the Logical Framework Approach? 1 LFA - DEFINITION The logical framework approach is an

What is the Logical Framework Approach? 1 LFA - DEFINITION The logical framework approach is an

Correspondence on The Logical Framework Approach Developed for SNV PARTNERS 14-18 July 2008 Supported by SNV Zimbabwe Compiled by: What is the Logical Framework Approach? 1 LFA - DEFINITION The logical framework approach is an

653 views • 34 slides
What is the THRIVE Framework for system change? The THRIVE Framework for system change (Wolpert et

What is the THRIVE Framework for system change? The THRIVE Framework for system change (Wolpert et

What is the THRIVE Framework for system change? The THRIVE Framework for system change (Wolpert et al., 2019) is a conceptual framework for children and young peoples mental health and wellbeing developed by a collaboration of authors from the

633 views • 4 slides

More recommend