ENISA published “Proactive detection – Measures and information sources” report

EU Agency for Cybersecurity ENISA has published a new report of the proactive detection of incidents, including measures and information sources.

The EU Agency for Cybersecurity ENISA has published a new report and accompanying repository on measures and information sources that could help security experts and operators of IT and critical infrastructure to proactively detect network security incidents in the EU.

The documents aims at evaluating methods, tools, activities and information sources for proactive detection of network security incidents.

The proactive detection process aims at discovering malicious activity conducted by threat actors through internal monitoring tools or external sources that shares information about detected incidents.

“The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident response teams in Europe nowadays.” reads the report. “The current report evaluates available methods, tools, activities and information sources for proactive detection of network incidents.”

The EU agency launched this project to improve the detection of network security incidents in the EU, by:

Providing an inventory of available measures and information sources;
Identifying good practices;
Recommending possible areas for development.

This report identifies and analyzes how proactive detection in the EU is evolved between 2011 and 2019. Among the goals of the project there is the exploration of new areas that could help to improve operational cooperation and information sharing.

The deliverable of the project are three reports and in a living repository hosted on GitHub.

“The objective is to offer a point of reference for new or well-established teams who need to identify or reassess appropriate measures for proactive detection of incidents.” continues the post published by ENISA.

1- Report – Survey results

Survey among incident response teams in Europe;
Comparison with the 2011 survey.

2- Report – Measures and information sources

Inventory of available methods, tools, activities and information sources;
Evaluation of identified measures and information sources.

3- Report – Good practices gap analysis recommendations

Analysis of the data gathered;
Recommendations.

4- Online repository – GitHub

Information sources;
Measures and tools.

Enjoy the report!

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – ENISA, cybersecurity)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.