ComCERT SA is an independent, private consulting company focusing in the assistance of its customers facing the dangers of cyber threats and security incidents. Our services are focused on the building and development of our Customers’ capacity to efficiently secure their cyber-environment, early detecting and mitigating the threats and incidents. We build, develop and optimize/excell SOCs (Security Operations Centers) and CERT/CSIRTs (Computer Emergency Response Team/Computer Security Incidents Response Teams) and supply the Cyber Threat Intelligence data, focusing on local content.
Our basic activities include:
- deep monitoring of the Internet including the underground activities (fora, etc), to find the symptoms of planned or executed attacks
- detecting the cyber security threats and incidents (phishings, botnets, APTs, …) endangering our customers activities, and delivering the cybersecurity intelligence feeds to our customers’ security teams,
- undertaking the immediate actions upon information on an security incident, including alarming the customers about the incidents, assisting the customers in the process of combating the threat, mitigating its impact, improving their procedures to avoid similar threats in the future,
- undertaking immediate actions if our customers’ systems’ vulnerabilities detected, assisting the customers to effectively remove such vulnerabilities,
- improving our customers’ competences in dealing with such threats, by developing the competence (both organizational and technical) of the IT security teams, trainings and exercises.
- assisting our Customers in designing, building, and auditing their internal CSIRTs (Computer Security Incident Response Teams) and Security Operations Centers (SOCs).
Our customers are: the major banks (including 3 banks out of the largest 5 operating in Poland), Polish Parliament (Sejm), large critical infrastructure operators (energy and electricity) and numerous corporations.
Part of our activities are commercially funded and part are Pro bono publico: we notify and undertake actions upon detection of the threats targeted at governmental, educational, and non-profit organizations, which are not our customers.
A significant part of ComCERT’s activity is a cooperation with ENISA (European Network and Security Agency). Based on the frame agreement with the Agency ComCERT produces the best practices, guides and other documents for the IT security incident handling teams. One of the important components of this cooperation is a production of exercises scenarios of the CERT teams. We also participate in other internationally funded cybersecurity projects, including a number of cyberexercises. Among others we have been or are involved in building the governmental CERTs in Georgia and Bangladesh, in both countries we have run cybersecurity exercises.
ComCERT SA a Polish joint-stock company active on the market since 2011. The company is led by two seasoned experts, Tomasz Chlebowski and Mirosław Maj, who hold the majority of shares. Among our shareholders there are international entities providing the state-of-the-art know-how and professional approach. One of them controls 2 CERTs in Germany.
ComCERT is an accredited member of Trusted Introducer (European community of CERTs) and Abuse-Forum, cyber-crime fighting informal organization in Poland, and in the process of joining other international fora and groups.
We closely cooperate with the Cyber Security Foundation which is active in the field of the cybersecurity promotion. We jointly run CyberEXE Polska, the only national cyber exercises for the largest entities in Poland (banks, telcos, critical infrastructure companies). Cyber Security Foundation is a member of Anti Phishing Working Group (APWG), organizes the largest and the most prominent IT Security conference in Poland (Security Case Study), and publishes a number of security-related magazines.