Support for the development of SOC and CERT/CSIRT teams

ComCERT was one of the first Companies in the market to establish its CERT and SOC. For many years, we have been helping our Clients to build their team structures and to map out development paths.

If you have CERT teams within your structures and you wish to increase their level of maturity, we will be happy to assist you and we will tailor our participation to your expectations.

As part of increasing the maturity level of these teams, many organisations use the opportunity to participate in association initiatives such as TF-CSIRT (Task Force – Computer Security Incident Response Team) and FIRST (Forum of Incident Response and Security Teams). These initiatives provide the opportunity for operational exchange and sharing of expertise and experience in incident management. ComCERT as a member of both initiatives supports other entities in meeting the formal requirements to join the CSIRT community.


FIRST (Forum of Incident Response and Security Teams)

FIRST is a global forum for incident response and security teams. Membership in FIRST enables incident response teams to more effectively respond to security incidents, both reactively and proactively. FIRST provides platforms, resources, and tools for incident response teams to find the right partner and interact effectively, for transnational incidents.


FIRST brings together various computer security incident response teams from government, commercial, and educational organisations. FIRST aims to support cooperation and coordination in incident prevention, stimulate rapid response to incidents, and promote information sharing among members and the entire community.


There are currently 602 teams affiliated with FIRST.


TF-CSIRT (Task Force – Computer Security Incident Response Team)

A group operating within GEANT association ( dedicated to the cooperation of European response teams, exchange of information and good practices.

The Trusted Introducer service was established by the European CERT community in 2000 to address common needs and build a service infrastructure that provides essential support to all security and incident response teams.

The Trusted Introducer service creates a trusted backbone of infrastructure services and serves as an information centre for all security and incident response teams. It includes a list of known teams and accreditations, and certification of teams according to demonstrated and verified maturity level. It enables security and incident response teams to interact with each other more efficiently and effectively. Services are available to all accredited and certified teams.

442 teams are currently associated with TI.


Both organisations provide access to a wide selection of incident management materials, documents, standards and policies. They organise dedicated conferences and enable direct and trusted contact among computer incident response teams.