The forensic analysis of computer systems has the objective of finding what happened during a security incident. It seeks giving an answer to the questions that usually surround every incident:
From esCERT-UPC we participate in both private forensic analysis and in those related to juridical processes, following at every moment a strict forensic methodology.
Our forensic analysis services are focused to those organizations that have suffered attacks, intrusions and/or information robbery, as to the wronged that require an investigation process where digital data is involved: emails, web pages, etcetera.
Using the most advanced techniques allow the esCERT’s security team to help to recover lost information over practically any kind of device and operative system.
The GUAITA platform, developed by us, has as main objective to keep System Administrators informed about the new vulnerabilities that arise in operating systems, software, devices, etc. in order to help them prevent intrusions in their computer systems.
All the notices published in GUAITA allow to knowing thoroughly each vulnerability, the impact that its exploitation can have as well as the measures to take to update the affected systems.
GUAITA offers the System Administrators a personalized panel to their needs from where they can:
For over 15 years, our professionals have helped in the education on the security field to all kind of entities: CCN-CERT, Mossos d’Esquadra, Generalitat de Catalunya, etcetera.
Within the collaboration contract with Universitat Politècnica de Catalunya (UPC), from esCERT-UPC we periodically impart different courses of security addressed to all the university community.
In the same way, from the perspective of divulgating all the related computer security aspects, from esCERT-UPC we also offer personalized formation courses to companies and external technicians.
Through our formation courses, with syllabus and specific documentation adapted to the client needs, it is possible to prepare for different certificate graduations as CSTX, CISA o CISM as for the professional consultants formation.
Some courses usually imparted are:
From esCERT-UPC we offer a personalized service of audits oriented to web environments with the goal of recommending mechanisms to improve the security of the company’s information systems.
This kind of audits are necessary to avoid possible intrusions into the systems through their software vulnerabilities.
The Web Audits service includes:
The tests that applications go through, compatible with OWASP methodology, are enumerated right below:
The security implementation and management projects require a good methodology in order to succeed. To do so, it is necessary to analyze the specific client needs and then implement those politics more appropriately for their environment.
During the project realization, from esCERT-UPC we analyze and contemplate the possible inclusion of the following components:
The UPC incident response team (esCERT-UPC) help schools and departments that have detected a possible incident in their networks.
To do so, we provide the necessary contact info to report, identify and analyze the facts, suggesting solutions and strategies to solve the problem.
If you think that your school or department has been involved in a security incident or if you have detected some kind of security problem in your systems and need the help of esCERT-UPC team, send us all the information to: cert@escert.upc.edu.
The quality of information systems is a fundamental factor to succeed in projects of the TIC environment.
From esCERT-UPC we offer a set of services oriented to the compliance of this information systems with the current law::
esCERT helps and advises in security and incident response in IT networks. The main goals of our organization are:
esCERT offers the UPC a service of incident response based on preventive and reactive measures.
The Preventive Support service offered by esCERT to UPC has the aim to help system administrators of the UPC to improve the security of their systems. All preventive measures have the objective to inform administrators about potential or real vulnerabilities of their systems and the appropriate solutions for their prevention.
The preventive measures that we offer are:
The Reactive Support service offered by esCERT to the UPC has the goal of giving support to the system administrators of the UPC on the communication, management and resolution of computer security incidents, and of providing informs and statistics, and acting as the Coordinator Center in emergency situations.
The reactive measures are the following: