CERT.br is a National Security Incident Response Team (CSIRT) of last resort, maintained by NIC.br. The team provides Information Security Incident Management services for any network using resources allocated by NIC.br.
Service Areas
Highlights
Affiliations and Partnerships
Incident Management
CERT.br is a National CSIRT of Last Resort and acts as a
national point of contact for reporting security incidents,
especially when a more specific contact is not known.
More about CERT.br.
Situational Awareness
CERT.br works proactively to provide information on attack trends in the Brazilian internet. This includes collecting and processing data from a variety of sources and sharing it with the community, respecting confidentiality levels and TLP classifications.
Sharing Information with the Community
CERT.br maintains a page with tutorials and tips on how to use MISP (Open Source Threat Intelligence Platform) for information sharing, as well as information on CERT.br's use of MISP.
CERT.br maintains several public statistics related to Internet security incidents, misconfigured systems that can be abused, attacks seen on sensors (honeypots), and spam complaints.
Data Acquisition
CERT.br maintains a network of distributed low-interaction honeypots to increase the capacity of incident detection, event correlation and trend analysis in the Brazilian Internet space.
The Spampots Project uses low-interaction honeypots to gather data related to the abuse of the Internet infrastructure by spammers.
Transferência de Conhecimento
Activities related to knowledge transfer to the community
include courses, events, dissemination of best practices and
security awareness materials.
Courses and Events
CERT® Division Official Courses
CERT.br is a Software Engineering Institute Partner and is licensed to officially deliver the following courses in Brazil:
- Fundamentals of Incident Handling (FIH)
- Advanced Topics in Incident Handling (ATIH)
- Overview of Creating and Managing CSIRTs (Overview)
Other Materials (in Portuguese)
Recommendations for the Notification of Security Incidents
Best practices for reporting computer and network security incidents.
Booklets with recommendations and tips on how Internet users should behave to increase their security and protect themselves from potential threats.
How to Install MISP in Linux Ubuntu
Tutorial with the basic steps for installing a MISP instance on Ubuntu systems, including hardening the operating system, configuring system packages and installing MISP.
