CERT / CSIRT

TEHTRIS CERT / CSIRT

TEHTRIS experts are providing the ability to assist TEHTRIS XDR Platform customers in incident management (MSSP TEHTRIS XDR Platform, Service). They cover the following tasks:

  • Investigating whether an incident really occurred
  • Determining the extent of the incident.
  • Determining the initial cause of the incident (vulnerability exploited)
  • Facilitating contact with other sites which may be involved
  • Facilitating contact with appropriate law enforcement officials, if necessary
  • Making reports to other CSIRTs
  • Composing announcements to users, if applicable
  • Providing action plan to remove the vulnerability and supporting local administrators to perform the action plan
  • Providing action plan and support to help securing the system from the effects of the incident
  • Evaluating whether certain actions are likely to reap results in proportion to their cost and risk
  • Providing an action plan and support to collect any evidence after the fact in order to be used in criminal prosecution or any disciplinary action

CERT

As a CSIRT, TEHTRIS is a member of the official list of CERT entities [CERT TEHTRIS].​

CONTACT

Short name: CERT-TEHTRIS

Long name: CERT TEHTRI-Security

Address: 13-15 rue Taitbout, 75009, PARIS, FRANCE

Phone: +33 (0) 9-72-43-07-64

Mail : moc.sirthet@trec

ID: 19C7 677A AB9A 85E6

Fingerprint: A1F2 9BA1 2811 4E68 043C 07C5 19C7 677A AB9A 85E6

Official RFC 2350 TEHTRIS-CERT document

RCE on PRTG Network Monitor – TEHTRIS PENTEST

RCE on PRTG Network Monitor TEHTRIS PENTEST Earlier this year, a TEHTRIS team has been mandated in order to conduct a remote pentest. The maturity level of the information system audited didn’t allow to identify any vulnerability directly exposed on the internet. TEHTRIS then decided to dig deeper into the

En savoir plus »

CVE-2020-0601 / VULNERABILITY IN THE CRYPTOAPI OF WINDOWS (CRYPT32.DLL)

CVE-2020-0601 / VULNERABILITY IN THE CRYPTOAPI OF WINDOWS (CRYPT32.DLL) Execution of a Trojan horse signed with an exploit of the CVE-2020-0601 A spoofing vulnerability has been discovered in the way the Windows cryptographic library (crypt32.dll) validates certificates composed of elliptic curves (ECC). Successful exploitation of this loophole could lead to

En savoir plus »

TEHTRIS TEAM