cudeso.be - RFC2350

cudeso.be profile

The following profile of cudeso.be has been established in adherence to RFC-2350.



1. Document Information

1.1. Date of Last Update

This is version 1.0 of 01-Feb-2022


1.2. Distribution List for Notifications

This profile is kept up­to­date on the location specified in 1.3 . There is no distribution list for notifications provided by cudeso.be . Any specific questions or remarks please address to the cudeso.be mail contact address.


1.3. Locations Where this Document May Be Found

The current version of this profile is always available on https://www.cudeso.be/rfc2350.html



2. Contact Information

2.1. Name of the Team

cudeso.be


2.2. Address

cudeso.be Comm.V.
Koude Keukenstraat 34
8200 Brugge
Belgium


2.3. Time Zone

GMT+1 (CET)


2.4. Telephone Number

+32 (0) 476 98 12 10


2.5. Facsimile Number

None


2.6. Other Telecommunication

Twitter: @cudeso


2.7. Electronic Mail Address

koen.vanimpe (at) cudeso.be


2.8. Public Keys and Encryption Information

PGP/GnuPG is supported for secure communication.

PGP Key ID: 0xf9c306e88039b694

PGP Key Fingerprint: 7349 EF7F BFC9 7B93 1722 5105 F9C3 06E8 8039 B694


2.9. Team members

Not available.


2.10. Other Information

General information about cudeso.be is available at cudeso.be .


2.11. Points of Customer Contact

The preferred method for contacting cudeso.be is via e-mail.



3. Charter

3.1. Mission Statement

cudeso.be is a private CSIRT delivering security services, mainly in Belgium.


3.2. Constituency

The constituency of cudeso.be is its customer community which can be found in private sector organisations, public sector bodies and commercial bodies.


3.3. Sponsorship and/or Affiliation

The CSIRT of cudeso.be is part of cudeso.be Comm.V. (BE VAT 0656.480.558).


3.4. Authority

cudeso.be coordinates security incidents on behalf of its constituency, and only at its constituents'request.



4. Policies

4.1. Types of Incidents and Level of Support

cudeso.be addresses all types of computer security incidents or threats which occur in its constituency (see 3.2).

The level of support will vary depending on the type and severity of the incident or issue, its potential or assessed impact, the type of constituent, the size of the user community affected, and the cudeso.be available resources at the time.


4.2. Co-operation, Interaction and Disclosure of Information

All incoming information is handled confidentially, regardless of its priority. cudeso.be supports the use of the information sharing Traffic Light Protocol (TLP https://www.first.org/tlp/).

cudeso.be operates within the bounds of the Belgian Law.


4.3. Communication and Authentication

E-mails and telephones are considered sufficiently secure to be used even unencrypted for the transmission of low-sensitivity data. If it is necessary to send sensitive data by e-mail, encryption (preferrably PGP) will be used. If it is necessary to authenticate a person before communicating, this can be done either through existing webs of trust or by other methods like call-back, mail-back or even face-to-face meeting if necessary.

cudeso.be protects sensitive information in accordance with relevant Belgian and European regulations and policies within Belgium and the EU. cudeso.be respects the sensitivity markings allocated by originators of information communicated to cudeso.be.



5. Services

5.1. Incident Response (Triage, Coordination and Resolution)

  • Alerts & warnings
  • Incident triage
    • Investigating whether an incident occurred
    • Determining the extent of the incident
  • Incident coordination
    • Determining the initial cause of the incident
    • Facilitating contact with other sites which may be involved
    • Communicate with stakeholders
    • Reporting to other CSIRTs
    • Facilitating contact with appropriate law enforcement agencies
  • Incident response
    • Provide assistance in evidence collection and data interpretation
    • Helping to remove the vulnerability
    • Helping to secure the system from the effects of the incident
  • Threat intelligence
    • Disseminating information on cyber attacks
    • Providing situational awareness
    • Technology support
  • Artefact analysis
  • Forensic analysis
  • Vulnerability management


5.2. Proactive Services

  • Announcements
  • Development of security tools
  • Intrusion detection services
  • Technology watch


5.3. Quality Management Services

  • Awareness building
  • Education & training
  • Threat analysis
  • Security consulting



6. Incident reporting Forms

Not available. Preferably report incidents in plain text using signed or encrypted e-mail.


7. Disclaimers

While every precaution will be taken in the preparation of information, notifications and alerts, cudeso.be assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.

Let's Get In Touch!

Ready to use our service?
Send us an email and we will get back to you!

Koude Keukenstraat 34
B-8200 Brugge
Belgium

VAT 0656.480.558
BE45 9731 5678 6689

+32 476 981210

info(at)cudeso(dot)be


RFC2350