The CERT Polska team operates within the structures of NASK (Research and Academic Computer Network) — a research institute which conducts scientific studies, operates the national .pl domain registry and provides advanced IT services. CERT Polska is the first Polish computer emergency response team. Active since 1996 in the response teams community, it has become a recognized and experienced entity in the field of computer security. Since its launch, the core of the team’s activity has been handling security incidents and cooperation with similar units worldwide. CERT Polska also conducts extensive security-related R&D. In 1998, CERT Polska became a member of the international forum of response teams (FIRST), and since 2000 it has been a member of the working group of the European response teams: TERENA TF-CSIRT, accredited by Trusted Introducer. In 2005 by the initiative of CERT Polska, a forum of Polish abuse teams, Abuse FORUM, was created. In 2010 CERT Polska joined the Anti-Phishing Working Group, an association of companies and institutions which actively fight on-line crime.
Main responsibilities of CERT Polska include:
- registration and handling of network security incidents;
- active response in case of direct threats to users;
- cooperation with other CERT teams in Poland and worldwide;
- participation in national and international projects related to the IT security;
- research into methods of detecting security incidents, analysis of malware, systems for exchanging information on threats;
- development of proprietary and open source tools for detection, monitoring, analysis, and correlation of threat;
- regular publication of the annual CERT Polska Report on security of Polish cyberspace;
- informational and educational activities, aimed at raising awareness in relation to IT security, including:
- maintaining a blog at cert.pl as well as Facebook and Twitter accounts;
- organization of the annual SECURE conference;
- analysis and testing of IT security solutions.
CNA
Since 2023 we are a Partner of CVE Program as a CNA (CVE Numbering Authority). Our CVD Policy is available here.
RFC 2350
Complete, RFC 2350-compliant team description is available here. The document is PGP-signed with the team key.