Essentially, the TI lists, accredits and certifies security and incident response teams, and provides them with services. The full service portfolio is described below.
Note: instead of security team, CERT or CSIRT we simply refer to "team" below. This also reflects the fact that the teams in our community do much more
than just "emergency response" or "incident response" - they also contribute to awareness raising, to prevention of incidents, and potentially to various other services related to the field of "security incident management".
Publicly available Services
TI offers the following services to the worldwide IT security community and the public. These are funded by courtesy of the TI Accredited teams, to facilitate co-operation of teams
worldwide and to stimulate European teams to become accredited. The services are available through the "public website" https://www.trusted-introducer.org/.
-
PUBLIC TEAM REPOSITORY.
All teams registered by the TI, be they Listed, Accredited or Certified,
are presented with their contact information on the public website. The
information about Accredited and Certified teams is pro-actively maintained
- the rest is done best-effort.
To access, click here.
-
LISTING.
Any legitimate team that delivers substantial incident management services
to parties in Europe or around the Mediterranean can be registered by the TI to become "Listed",
provided it gains the support of at least TWO TI Accredited teams and
there are no objections. Listing includes the storage of contact
information and making this available on the public website.
To apply (or for more info) click here.
-
ACCREDITATION.
The next step after Listing. Only registered teams can apply for Accreditation.
After applying, the team receives the Invitation Package for Accreditation,
which details the process and all requirements. To kick the process off,
the team needs to fill out and sign a form. When the TI receives that, the
actual Accreditation process will start - which comes at a one-time fee.
To apply (or for more info) click here.
-
CERTIFICATION.
The final step after Accreditation (see below) is only available for accredited teams.
To learn more about it click here.
-
MAINTENANCE.
Teams which are Listed can ask the TI to have their contact data
changed. The TI does basic maintenance on the data of all registered teams - active maintenance is reserved for the Accredited and Certified teams.
To maintain team info contact us here.
-
ADDITIONAL INFORMATION.
The public website also offers additional information to the world, like
the ISTLP - an international standard set of rules on confidential
information exchange - and the CCoP - a first step towards professional
ethics in our community. Also, all TI process information is on offer,
including explanations about Accreditation, Certification and how-to-apply as explained above.
Other information, such as information about security incidents, is not
provided, so as not to compete with services offered by the teams themselves.
For ISTLP and CCoP click here.
Services for TI Accredited and Certified Teams only
TI offers the following services to Accredited and Certified teams only:
-
TEAM REPOSITORY.
All teams registered by the TI, be they Listed, Accredited or Certified,
are presented with their contact information on the members website. The
members website additionally offers in-depth operational data of all
Accredited and Certified teams.
-
CERTIFICATION.
A team which has been Accredited for at least one year can request to
become Certified. Certification has been available since 1 September 2010 and is
an optional, additional step for Accredited teams. It requires fulfilling a
set of 50 requirements within the framework of SIM3, the Security Incident
Management Maturity Model. Certification has been created because there is
a growing demand for accountability and (demonstrable) maturity in our
community - and outside, like in demands from auditors, corporate
management, or indeed governments.
Certified teams are an integral part of the community of TI Accredited teams.
-
MAINTENANCE.
The TI actively maintains the information about teams which are Accredited
or Certified. This is done in a 4-monthly cycle.
-
MEMBERS MEETINGS.
Three times per year the TI Accredited and Certified teams meet in a
trusted manner (the meetings are closed to all
others). These meetings are adjacent to TF-CSIRT.
-
NETWORKING.
The TI Team provides international networking on behalf of the TI members.
This networking stimulates new teams to join the TI by becoming Listed, and
helps people to go to TF-CSIRT and TRANSITS. Less frequently, it helps
resolve potential conflicts or confusion. An activity started at the end of
2010 is contacting parties like big social networks or spam fighters in
order to stimulate mutually beneficial ways of cooperating.
-
TI COMPENDIUM.
The members website offers a Compendium with currently four tables,
which enable a quick orientation on teams, offering views on a useful
selection of team information.
-
ONE-CLICK DOWNLOADABLE TEAM INFORMATION.
The members website offers a one-click downloadable CSV file with contact
information about ALL teams registered by the TI, and a version with only
Accredited and Certified teams. You can easily integrate this information
in your team's information system, in your PDA or iPhone, or in your team's
trouble ticket system.
-
ONE-CLICK DOWNLOADABLE GPG/PGP KEY FILES.
The members website offers a one-click downloadable PGP/gpg key file with
the PGP/gpg keys of all Accredited and Certified teams and the keys of all
team representatives and other team members who had their keys registered.
-
AUTOMATIC IRT-OBJECT REGISTRATION.
The TI registers a so-called IRT-object in the RIPE database
corresponding to your CSIRT: the aim is a direct mapping between
your constituency's IP number ranges and your team's contact data (this
registration is automatic but was made fully flexible early in 2010 so
as to be able to accommodate most special cases and wishes).
-
TI-PKI.
X.509 based TI-PKI (public key infrastructure) for secure web and mail
purposes. This system, based on X.509 client certificates which are handed
out to all team representatives and registered team members, provides
access to the members website, but also enables the various secure-mail
options. Also it is used in a limited number of cases for access to special
WIKIs.
-
GPG/PGP KEY SIGNING.
The TI offers GPG/PGP key-signing of your team's signing key and team
representative keys.
-
MAILINGLIST FOR ACCREDITED TEAMS.
A special mailinglist is maintained that holds all Accredited and Certified
teams, and can be used by them alone. This medium is
meant for discussion of any non-critical CERT or security issues within a
trusted environment.
-
SECURE MAILINGLISTS.
Two secure mailinglists exist, one where all Accredited and Certified teams
are subscribed - and one which only holds all team representatives. These
mailinglists use the crypto gateway - this means that you can simply send a
message encrypted to the gateway key - and the gateway will then send
it to all recipients, encrypted and signed.
-
SECURE OUT-OF-BAND ALERTING.
You can deliver - by phone - a voice message alert to our secure out-of-band
telephone gateway. SMS alerts will then be sent out to all Accredited and
Certified teams who registered for this service. Next, registered users can
phone the gateway, and listen to your message.
This system exists for the eventuality of an Internet breakdown. If you
only have VOIP, its value might be limited; however, your
cellphone usually provides a good fallback for that.