CERT.NETWORKS.PL - RFC 2350

Version: 1.1

Date: 20.09.2024

1. Document information

This document contains a description of CERT.NETWORKS.PL according to RFC 2350 standard and provides information about the CERT.NETWORKS.PL, the ways it can be contacted, describes its responsibilities and the services offered.

1.1 Date of last update

20.09.2024

1.2 Distribution list for notifications

There is no distribution list for notifications as of 20.09.2024.

1.3 Locations where this document may be found

The current version of this document can always be found at: https://cert.networks.pl

2. Contact information

2.1 Name of the team

Short team name: CERT.NETWORKS.PL

Official team name: CERT.NETWORKS.PL

2.2 Address

CERT
NetWorks Sp. z o.o.
ul. Józefa Piusa Dziekońskiego 3
00-728 Warszawa
POLAND

2.3 Time zone

Central European time zone (CET). GMT+01.00 (+02.00 during summer time).

2.4 Telephone Number

Not available publicly.

2.5 Facsimile Number

Not available.

2.6 Other Telecommunication

Not available.

2.7 Electronic mail address

cert[at]networks.pl

2.8 Public keys and encryption information

User-ID: CERT.NETWORKS.PL <cert@networks.pl>
Fingerprint: 8488C0B4728998AD0C14919C662990EFA1DE513E

-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEY9jXthYJKwYBBAHaRw8BAQdAcAsBuTrUS2S4DUS15n0Wk3/JS+KVnntzLMG1
SUAQjve0I0NFUlQuTkVUV09SS1MuUEwgPGNlcnRAbmV0d29ya3MucGw+iJkEExYK
AEEWIQSEiMC0comYrQwUkZxmKZDvod5RPgUCY9jXtgIbAwUJDSsoegULCQgHAgIi
AgYVCgkICwIEFgIDAQIeBwIXgAAKCRBmKZDvod5RPhWGAPoDdKXvRKZdWPfOJhIV
9sI+6y64N7+bn7ztiOJx01qFmwEAorHPliofaUfExvDZBvbhzBbfrshOhG9pUvUQ
qL2lDwC4OARj2Ne2EgorBgEEAZdVAQUBAQdATLTMfcWdrWA4+pcoFi/uFgxpGg9q
zMw51Yc9BOdm4VADAQgHiH4EGBYKACYWIQSEiMC0comYrQwUkZxmKZDvod5RPgUC
Y9jXtgIbDAUJDSsoegAKCRBmKZDvod5RPgP0AQDJeKKcV1hKFmqlowLioeBoYk+H
p9RBUC6N0hg7mYw8GQEAvts9ohOxI1E4eZ0us267L8YQR8zat9ZIHE7zV9OzXQk=
=PEI6
-----END PGP PUBLIC KEY BLOCK-----

2.9 Team members

CERT.NETWORKS.PL team is a group IT security experts. No public information is provided about the team members.

2.10 Other information

Information about NetWorks company might be found at: https://www.networks.pl/en/

2.11 Points of customer contact

The CERT.NETWORKS.PL team may be contacted via e-mail: cert[at]networks.pl

3. Charter

3.1 Mission statement

Mission of CERT.NETWORKS.PL is to provide security monitoring and incident response services and coordinating activities aimed at preventing security incidents in the NetWorks infrastructure and NetWorks clients’ infrastructure according to signed agreements.

3.2 Constituency

Constituency consists of:

• NetWorks Sp. z o.o. company and its employees
• NetWorks IT/NT infrastructure
• NetWorks clients’ IT/NT infrastructure (including RAN networks) managed by NetWorks according to internal agreements
• External IP ranges: 77.65.209.0/24, 80.51.236.0/24
• External domains: networks.pl, networks.com.pl

3.3 Sponsorship and/or affiliation

CERT.NETWORKS.PL is the initiative of NetWorks Sp. z o.o company.

3.4 Authority

CERT.NETWORKS.PL operates under the auspices of, and with authority delegated by the management board of NetWorks Sp. z o.o. and is authorized to provide services in accordance with the section "Services" for the Constituency, in particular it is authorized to take all necessary actions to limit the effects of cyberattacks according to internal procedures and runbooks.

4. Policies

4.1 Types of Incidents and Level of Support

The CERT.NETWORKS.PL is authorized to address all types of computer security incidents which occur, or threaten to occur, at NetWorks Sp. z o.o. Level of Support is described in internal policies and agreements.

4.2 Co-operation, interaction and disclosure of information

CERT.NETWORKS.PL cooperates with other CSIRTs in telecom industry.

CERT.NETWORKS.PL uses PGP and Sharing Traffic Light Protocol (STLP v2.0):

• TLP:RED - personal for named recipients only
• TLP:AMBER - limited disclosure within organization and clients. Note that TLP:AMBER+STRICT restricts sharing to the organization only.
• TLP:GREEN - community wide
• TLP:CLEAR - unlimited, may be distributed freely, without restriction.

4.3 Communication and authentication

It`s recommended to use of PGP in all cases where sensitive information is involved. Communication via e-mail is preferred.

5. Services

List of services provided by CERT.NETWORKS.PL is presented below.

5.1 Service Area: Information Security Event Management

• Monitoring and detection
• Event analysis

5.2 Service Area: Information Security Incident Management

• Information security incident report acceptance
• Information security incident analysis
• Artifact and forensic evidence analysis
• Mitigation and recovery
• Information security incident coordination
• Crisis management support

5.3 Service Area: Vulnerability Management

• Vulnerability discovery / research
• Vulnerability report intake
• Vulnerability analysis
• Vulnerability coordination
• Vulnerability disclosure
• Vulnerability response

5.4 Service Area: Situational Awareness

• Data acquisition
• Analysis and synthesis
• Communication

5.5 Service Area: Knowledge Transfer

• Awareness building

6. Incident reporting forms

There are no incident reporting forms publicly available.

7. Disclaimer

While every precaution will be taken in the preparation of information, notifications and alerts, CERT.NETWORKS.PL assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.