Skip to content Skip to main navigation Skip to footer

CSIRT

2017-11-27 in CSIRTEventsNews

SANReN Cyber Security Challenge 2017: Round one completed

During 2017 the South African National Research Network (SANReN) initiated the Cyber Security Games project which was aimed at establishing the hosting of an information security student competition with an emphasis on network security.

The project was conceptualised to create a platform for students to compete in real-time during the Centre for High Performance Computing (CHPC) National Conference 2017. The real-time competition will consist of the following:

  • The challenge will test the problem-solving skills of participating teams by requiring them to complete tasks in penetration testing, incident response, digital forensics and cryptography;
  • An attack/defence system for team vs team battles. The systems used consists of dedicated pre-configured hardware and software. In the attack/defence competition, the teams have to hack each other, but also fix vulnerabilities in their own applications (by means of source code changes); and
  • Independently manned scoring system.

Due to the high interest received from students, the competition has been split into two rounds.

During the first round, students competed for positions to compete in the final round to be hosted at the CHPC National Conference 2017. Over one hundred students from seven universities competed in the first round that was hosted during October 2017.

For the first round, the students had to solve network security problems and identify security issues such as:

  • Decrypting Passwords;
  • Geo-locating pictures;
  • Solving password hashes;
  • Securing Web sites;
  • Finding information from TCP traffic; and
  • Extracting weak security keys.

From the first round only 32 students comprising eight teams have been placed to compete in the second and final round that will span four days from the 3rd to 6th December 2017.

Dr Renier van Heerden, project manager for the Cyber Security Games project had the following to say ”The Cyber Security Games expose students to an environment where they are confronted by real-time cyber adversaries. They have to adapt their theoretical information security knowledge to keep systems secure in real time. Additionally, they can also learn how bad guys attack networks in order to better defend cyber infrastructure in the future.”

Overall the Cybersecurity Challenge aims to stimulate interest in information and cyber security with computer networks by presenting students with challenges that replicate real-world scenarios.

This challenge was initiated by the SANReN Computer Security Incident Response Team (CSIRT) as part of its mission to reduce information security incidents in South Africa particularly through awareness and training activities. For more information on other CSIRT initiatives please visit https://csirt.sanren.ac.za.

The eventual aim is to be able to sponsor the winning student team to compete at an appropriate international competition, such as the European Cyber Security Challenge.

For more information about the Cyber Security Challenge 2017 please contact: csc@sanren.ac.za

2017-01-28 in CSIRTServices

Free Vulnerability Assessment till 30 September 2017!

Each vulnerability assessment encapsulates a process to identify, classify, report on and provide remediation advice for the security weaknesses of a constituent’s IT infrastructure. It entails a scan to uncover exploitable weaknesses in network devices, servers and systems. The results are manually verified and then compiled into an easy-to-read, actionable report.

A combination of regularly scheduled vulnerability assessments and penetration testing will help institutions identify security weaknesses in IT infrastructure before they can be used in an attack. The institution can then take action to remedy the weaknesses and prevent an attack/compromise.

Key features:

  • External and internal options available
  • Multiple scanners used (commercial and open source)
  • Scalable to unlimited IP addresses
  • Optional DNS verification
  • Customised report and remediation advice
  • Severity-level classification to aid remediation prioritisation
  • Manual (infosec expert) verification
  • User-friendly, actionable report (reduced page count)
  • Follow up advice or assistance (limited)
  • Cost-effective charging model

What we need:

  1. Permission to scan – from the appropriate authority
  2. List of domain(s) and/or IP addresses
  3. Security contact details + PGP key

You get:

  1. Extensive, low-intensity assessment using multiple scanners
  2. Manual verification/analysis/research
  3. Report summarising the findings and providing actionable remediation advice
  4. Spreadsheet with raw results
  5. Limited follow-up consultation if required

From passionate information security specialists!

For more information please see the SANReN CSIRT website.

 

2017-01-12 in CSIRTServicesUpdates

SA NREN CSIRT Update

The SANReN Computer Security Incident Response Team (CSIRT) have been working hard to get the proactive CSIRT services operational. We launched our website, in November.

Currently, we offer vulnerability assessments and announcements services. This includes one free vulnerability scan per institution valid until end September 2017. To make use of this offer, please email the following requested information to csirt@sanren.ac.za.

Over the next 3-6 months, we will be refining our announcements service. Look out for some exciting developments – e.g. customised vulnerability feeds and a CSIRT launch event / follow-up workshop.

We will be working closely with TENET this year to formalise the reactive services and complete the portfolio for CSIRT as well as partner with other (and especially NREN) CSIRTs around the world.

To subscribe to our mailing list (open to customers/beneficiaries of the NREN and supporting organisations), please send an email to csirt-news+subscribe@sanren.ac.za. Reply to the confirmation email and we’ll approve/verify.

To register a security contact for your site or institution, please send an email to csirt@sanren.ac.za.

For any other CSIRT-related queries or assistance please email csirt@sanren.ac.za. Feel free to provide input on what you’d like to see from the CSIRT.

2015-06-29 in CSIRTNewsServices

CSIRT workshop notes

On 26-27 May a workshop was held with the community to determine the way forward for establishing an NREN CSIRT (Computer Security Incident Response Team). See our earlier post for more information.

2015-06-23 in CSIRTNews

A model for security incident response in the South African National Research and Education network

This dissertation addresses the problem of a lack of a formal incident response capability in the South African National Research and Education Network (SA NREN). The model highlights the decisions required for the business requirements, services, team model and staff, policies and processes, tools and technologies, and partners of a CSIRT respectively. Implementing this model will result in a prepared, improved and coordinated response to IT security incidents affecting the SA NREN.

Find it here.

Back to top