Scope

The purpose of CERT.at is to coordinate security efforts and incident response for IT-security problems on a national level in Austria.

Constituency

The constituency are IT-security teams and local CERTs in Austria.

Pro-active and educational material will be provided for SMEs and the general public as well.

As part of a cooperation agreement with the Austrian Government CERT, CERT.at provides resources for incident response in government networks.

Sponsorship and/or Affiliation

CERT.at is an initiative of nic.at, the Austrian domain registry.

Funding is provided by nic.at

Authority

CERT.at's main purpose in incident handling is the coordination of incident response. As such, we only advise local CERTs and have no authority to demand certain actions. We have indirect authority over AS35492 and are in very close contact with the ACONet CERT.

Confidentiality

CERT.at treats all submitted information as confidential per default, and will only forward it to concerned parties in order to resolve specific incidents.
For example: incoming report "Malware on www.foo.inalid/malware, please get it cleaned up". In this case, we would only forward the information to the concerned parties (domain-holder, hoster/ISP) to help them quickly fix the problem.

Especially we will not forward information about incidents to government authorities or the press without explicit prior permission by the submitting party.