CSIRT Description for CERT-AKAOMA

1. Document Information
This document contains a description of CERT-AKAOMA according to RFC 2350. It provides information about the CERT, how to contact the team, and describes its responsibilities and the services offered by CERT-AKAOMA.

1.1 Date of Last Update
The initial release of RFC2350 was published at 2016-07-29.
The current version of this document is release 1.2 and was published at 2017-05-23.

1.2 Distribution List for Notifications
There is no distribution list for notifications.

1.3 Locations where this Document May Be Found
The current version of this document can be found at:
https://www.akaoma.com/cert-akaoma/rfc2350-cert-akaoma

1.4 Document Authenticity
This document can be retrieved from our webserver using TLS/SSL also signed by the CERT PGP certificate.

2. Contact Information
This section describes how to contact CERT-AKAOMA.

2.1 Name of the Team
CERT AKAOMA
Short name : CERT-AKAOMA

2.2 Address
CERT AKAOMA
2 rue du Vieux Puits
27120 Jouy-sur-Eure
France

2.3 Time Zone
CEST / Central European Summer Time,

2.4 Telephone Number
+33 1 86 95 86 60

2.5 Facsimile Number
None available.

2.6 Other Telecommunication
None.

2.7 Electronic Mail Address
cert@akaoma.com

2.8 Public Keys and Encryption Information
Our current PGP-Key may be obtained by sending a request by mail for that at cert@akaoma.com
    Key ID : 0x8107D871
    Fingerprint : E1CC A00C D9C3 A35B F682  8521 09CF E473 8107 D871

2.9 Team Members
The Team leader is Christophe Pékar. The team consists mainly of IT security analysts.

2.10 Other Information
The CERT-AKAOMA Portal is available at the following URL: https://www.akaoma.com/CERT-AKAOMA

2.11 Points of Customer Contact
CERT-AKAOMA prefers to receive incident reports via e-mail. Please use our cryptographic keys above to ensure integrity and confidentiality.
CERT-AKAOMA's hours of operation are restricted to regular business hours (09:00-18:00 Monday to Friday), all year long.

3. Charter
Within this section our mandate is described.

3.1 Mission Statement
CERT-AKAOMA's mission is to coordinate and investigate IT security incident response for the French company AKAOMA and its own customers.
The CERT-AKAOMA will investigate any security incident that may involve the AKAOMA group entity as a source or target of an attack or any cyber-threat.

3.2 Constituency
Our constituency are composed of AKAOMA company and all subsidiaries.

3.3 Sponsorship and/or Affiliation
CERT-AKAOMA is the Computer Security Incident Response Team (CSIRT) for the company AKAOMA.
Funding is provided by the company AKAOMA.

CERT-AKAOMA is listed at TF-CSIRT since 2016-09-08.

3.4 Authority
We coordinate security incidents concerning our constituency.

4. Policies
This section describes our policies.

4.1 Types of Incidents and Level of Support
CERT-AKAOMA addresses all kinds of security incidents which occur, or threaten to occur, within its constituency.

The level of support depends on the type and severity of the given security incident, the amount of affected entities within our constituency, and our resources at the time.
Usually our first response comes on the same working day during working hours, if not it will be on the following working day.

4.2 Co-operation, Interaction and Disclosure of Information

CERT-AKAOMA will exchange all necessary information with other CSIRTs as well as with other affected parties if they are involved in the incident or incident response process.

No incident or vulnerability related information will be given to other persons. French law enforcement personnel requesting information in the course of a criminal investigation will be given the requested information within the limits of the court order and the criminal investigation, if they present a valid court order from a French court.

4.3 Communication and Authentication

All e-mails sent to the CERT AKAOMA should be signed using PGP. All e-mails containing confidential information should be encrypted and signed using PGP. Information received in encrypted form should not be stored permanently in unencrypted form.

For other communication, a phone call, postal service, or unencrypted e-mail may be used.

5. Services
This section describes the services CERT-AKAOMA offers.

5.1 Incident Response
The team offers the following services :
- Incident analysis
- Incident response support
- Incident response coordination
- Vulnerability response coordination

5.2 Proactive Activities
The team offers the following services :
- Intrusion detection services

5.3 Reactive Activities
The team offers the following services :
- Awareness building

6. Incident Reporting Forms
The incident reporting form is available at https://www.akaoma.com/cert-akaoma/identification-vulnerabilite

Incident reports should contain the following information:
    Incident date and time (including time zone)
    Source IPs, ports, and protocols
    Destination IPs, ports, and protocols
    And any relevant information

Please consider to report also security incidents via encrypted e-mail to cert@akaoma.com.
	
7. Disclaimers
This document is provided 'as is' without warranty of any kind, either expressed or implied, including, but not limited to, the implied warranties of merchantability, fitness for a particular purpose, or non-infringement.

If you notice any mistakes within this document please send a message to us by e-mail. We will try to resolve such issues as soon as possible.