The purpose of CERT.at is to coordinate security efforts and incident response for IT-security problems on a national level in Austria.
Constituency
The constituency are IT-security teams and local CERTs in Austria.
Pro-active and educational material will be provided for SMEs and the general public as well.
As part of a cooperation agreement with the
Austrian Government CERT, CERT.at provices
resources for incident response in government and crititical infrastructure networks.
Sponsorship and/or Affiliation
CERT.at is an initiative of nic.at, the Austrian domain registry.
Funding is provided by nic.at
Authority
CERT.at's main purpose in incident handling is the coordination of incident response. As such, we only advise local CERTs and have no authority to demand certain actions.
We have indirect authority over AS35492 and are in very close contact with the
ACONet CERT.
Confidentiality
CERT.at treats
all submitted information as confidential per default,
and will only forward it to concerned parties in order to resolve specific
incidents.
For example: incoming report
"Malware on www.foo.inalid/malware, please
get it cleaned up". In this case, we would only forward the information
to the concerned parties (domain-holder, hoster/ISP) to help them quickly
fix the problem.
Especially we will not forward information about incidents to government
authorities or the press without explicit prior permission by the submitting
party.