Papers

Our analysis of dark IP address space by applying Discrete Fourier Transform to discover periodicity in network traffic

The yearly report from CERT Polska containing aggregate information on Polish Internet security incidents, threats and statistics.

English version of our yearly report, contaning data on incidents and threats from 2014.

Our report on cybercrime actor we dubbed “The Postal Group” (“grupa pocztowa”) due to usage of phony Post Office notifications.

We have developed the following exercises aimed at CERT or CSIRT teams:

• No. 1 Triage & basic incident handling (Handbook | Toolset)
• No. 2 Incident handling procedure testing (Handbook | Toolset)
• No. 3 Recruitment of CERT staff (Handbook | Toolset)
• No. 4 Developing CERT infrastructure (Handbook | Toolset)
• No. 5 Vulnerability handling (Handbook | Toolset)
• No. 6 Writing security advisories (Handbook | Toolset)
• No. 7 Network forensics (Handbook | Toolset)
• No. 8 Establishing external contacts (Handbook | Toolset)
• No. 9 Large scale incident handling (Handbook | Toolset)
• No. 10 Automation in incident handling (Handbook | Toolset)
• No. 11 Incident handling in live role playing (Handbook | Toolset)
• No. 12 Cooperation with Law Enforcement agencies (Handbook | Toolset)
• No. 23 Honeypots (Handbook | Toolset)

Set of guides on utilizing actionable information, comissioned by ENISA.

The 2012 report (including ARAKIS data).

Report on employing honeypots to detect network threat, comissioned by ENISA.

Yearly data for 2011 (including ARAKIS data).