CSIRT (Computer Security Incident Response Team) is the service whose main aim is to react to incidents related to security of ICT infrastructure and systems. CSIRT service consists of experts in the field of IT security. The mission of AMRES CSIRT service is to raise the security level of AMRES ICT infrastructure and systems, to solve efficiently specific security incidents within AMRES network and AMRES users, and to raise awareness about ICT security to AMRES end users.
CSIRT mission is implemented through the following courses of action:
- Investigating and dealing with specific incidents within AMRES network
- Coordination between AMRES users and provision of assistance in handling their security incidents
- Raising awareness about ICT security to the technical contacts of AMRES users and end users
- Cooperation with CSIRT services of European academic networks
- Tracking development and trends in the field of ICT security
Users of CSIRT Service and Action Limits
Users of AMRES CSIRT service are as follows:
- AMRES users
- AMRES end users
- All persons who report incident or violation of rules of acceptable use policy of AMRES network, committed by AMRES end users
AMRES CSIRT service is responsible for action in the following fields:
- Domains: *.ac.rs, *.ak.srb
- Autonomous systems: AS13092, AS13303
- IPv4 address range: 184.108.40.206/16, 220.127.116.11/16, 18.104.22.168/19
- IPv6 address range: 2001:4170::/32
In case of need or request, CSIRT service will expand its action limits, i.e. its services in future to other users as well.
Relations with Other CSIRT Services
Relations with other CSIRT services featured in the following examples:
- Coordination in handling certain incidents involving devices and/or users in responsibility of other CSIRT services.
- Exchange of experience and information related to ICT security and monitoring of development and trends.
- Handling requests for sending information about certain users, their activities, etc. made by representatives of Ministry of Internal Affairs.