Assistance in organizing CERT/CSIRT services -

Computer Emergency
Response Team

Assistance in organizing CERT/CSIRT services

Main tasks of sectoral CERT/CSIRT services:

identifying cybersecurity incidents, responding to them, and eliminating their consequences;
on modern cybersecurity threats
collection, accumulation, and analysis of data;
investigation of cybersecurity incidents and
reporting to the authorized and working body;
Working in cooperation with the UZCERT service;
Regularly take measures to ensure cybersecurity.

Assistance in the development of regulatory legal acts for sectoral CERT/CSIRT services

Assistance in the implementation of cybersecurity monitoring systems

Training and professional development of specialists in the activities of the CERT service:

Development of a preliminary action plan for organizing the CERT/CSIRT service
Development of a draft regulation defining the main functions and tasks of the CERT/CSIRT service
Development of a draft memorandum of cooperation with sectoral CERT/CSIRT services and the UZCERT service
Development of a cybersecurity incident response plan

FALCON
24/7 monitoring system for information systems and resources
Threat Intelligence
Early warning system for cyber threats
V-tuzoq
Honeypot cyber threat data collection system
MISP
Information exchange system on cyber incidents, cyber threats, and IOCs
FIRESIGHT
Real-time Web Application Protection WAF System

Detecting and responding to cyber incidents
Report cyber incidents and collect digital evidence
Taking measures to eliminate the consequences of cyber incidents and prevent their recurrence
Investigate cyber incident and prepare final report

Cyber Security Incident Response Helpful Guides for Building a CERT/CSIRT and Cyber Security Incident Management

A guide to classifying and managing cyber security incidents

Cyber Security Incident Response Scheme

Cybersecurity Incident Report Form