CSIRT
Proximus Luxembourg Cyber Security Incident Response Team (also known as Proximus Luxembourg-CSIRT) is a private CSIRT, defined, owned and operated by Proximus Luxembourg S.A. from the territory of the Grand-Duchy of Luxembourg.
Proximus Luxembourg-CSIRT is the response entity for the cybersecurity and computer security incidents related to the Autonomous System Number (ASN) AS56665 also known as AS-PROXIMUS.
Proximus Luxembourg-CSIRT is a member of CERT.lu and is also Trusted Introducer Accredited since 2016, March 25th.
It covers incidents originated from or targeted the Autonomous System AS56665 as well as the services offered by Proximus NXT to its customers and employees. Consequently, the Proximus NXT' customers using IP address(es) belonging to the Autonomous System AS56665 are included in the constituency of Proximus Luxembourg-CSIRT. In some cases, Proximus Luxembourg-CSIRT may not have the right or power to respond to all reported security events, vulnerabilities, and incidents related to the AS56665 and the associated IP address ranges. However, Proximus Luxembourg-CSIRT will be able to coordinate and / or support incident response, vulnerability management, and communication of alert and warning messages with relevant stakeholders in accordance with applicable legislation.
What are missions of Telindus-CSIRT?
The rfc2350 from Proximus Luxembourg-CSIRT is available in English only: Proximus Luxembourg-CSIRT_rfc2350.pdf (sig)
Mission of Proximus Luxembourg-CSIRT is to provide the following set of information security incident management related services to its constituency:
-
Provide a response facility to ICT-incidents,
-
Setup of a Central-Point-of-Contact for ICT-Incidents between Proximus NXT, its constituency and various CSIRTs,
-
Support Proximus NXT internal operational teams to respond from ICT-incidents,
-
Coordinate communication among various incident response teams,
-
Provide security expertise and advice,
How to contact Proximus Luxembourg-CSIRT?
-
E-mail : <csirt (at) Proximus NXT (dot) lu> (preferred method/preferably encrypted)
-
Phone: +352 532 450 820915-1
-
Hours of operation: 09h00-17h00 CET from Monday to Friday except during Luxembourg’s public holidays
-
Outside of these hours / in case of emergency / for operational problems : <telecomsd (at) Proximus NXT (dot) lu>
What is the PGP key of Proximus Luxembourg-CSIRT?
Proximus Luxembourg-CSIRT has an OpenPGP public key, available on public key servers or at Proximus Luxembourg-CSIRT-public_key.asc
-
KeyID is 6E2EA9F8
-
Fingerprint is B6FB 4A00 5437 BA53 69D2 C379 F121 EBA2 6E2E A9F8
What are services provided by Proximus Luxembourg-CSIRT?
In line with the generic description of CSIRT Services maintained by the CERT Division of the Software Engineering Institute (SEI) of Carnegie Mellon University, Proximus Luxembourg-CSIRT provides a set of Reactive, Proactive and Security Quality Management services as per described in the rfc2350 :
Reactive services
• Alerts and Warnings
• Incident handling
• Forensic analysis
• Malware analysis
• Vulnerability handling
Proactive services
• Threat Intelligence
• Threat Hunting
• Security audits or assessments
• Configuration and maintenance of security tools, applications, and infrastructures
Security, quality management services
• Risk Analysis
• Security consulting for governance and compliance
• Awareness building
• Education/Training
• Security infrastructure management
• Ethical hacking
• Purple Teaming
How to report incidents to Proximus Luxembourg-CSIRT?
-
PDF format : Proximus Luxembourg-CSIRT_Incident_Reporting_Form.pdf (sig)
-
Doc Format : Proximus Luxembourg-CSIRT_Incident_Reporting_Form.docx (sig)
-
Text format : Proximus Luxembourg-CSIRT_Incident_Reporting_Form.txt (sig)
How to notify a vulnerability to Proximus Luxembourg-CSIRT?
When submitting your incident report, please use the form available at
-
PDF format : Proximus Luxembourg-CSIRT_Vulnerability_Notification_Form.pdf (sig)
-
Doc Format : Proximus Luxembourg-CSIRT_Vulnerability_Notification_Form.docx (sig)
-
Text format : Proximus Luxembourg-CSIRT_Vulnerability_Notification_Form.txt (sig)
Content from this page is classified as TLP:CLEAR meaning information may be distributed without restriction, subject to copyright controls