Search

By Topics

By Type

Published on

Advancing Software Security in the EU

Publications

This study discusses some key elements of software security and provides a concise overview of the most relevant existing approaches and standards while identifying shortcomings associated with the secure software development landscape, related to…
Private Sector

Good Practice Guide for Addressing Network and Information Security Aspects of Cybercrime

Publications

In 2010 ENISA started its support for operational collaboration between the Computer Emergency Response Teams (CERTs) in the Member States on the one hand and Law Enforcing Agencies (LEA) on the other hand. Various activities have since been…

Private Sector

Good Practice Guide on Vulnerability Disclosure. From challenges to recommendations

Publications

Vulnerabilities are ‘flaws’ or ‘mistakes’ in computer-based systems that may be exploited to compromise the network and information security of affected systems. They provide a point-of-entry or gateway to exploit a system and as such pose…
National / EU authorities, Private Sector

Methodology for Sectoral Cybersecurity Assessments

Publications

The methodology for sectoral cybersecurity assessments described in this document (called SCSA Methodology) addresses objectives in the context of ICT security for sectoral multi-stakeholder systems and drafting sectoral cybersecurity certification…
Private Sector

Cybersecurity Certification: Candidate EUCC Scheme

Publications

Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
National / EU authorities, Private Sector

Cybersecurity Certification: Candidate EUCC Scheme V1.1.1

Publications

Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
National / EU authorities, Private Sector
European Cybersecurity Certification Conference

European Cybersecurity Certification: Celebrating achievements and exploring future horizons

News

At the eighth edition of the certification conference, the European Union Agency for Cybersecurity celebrates the first accredited Conformity Assessment Bodies for the EU Cybersecurity Certification scheme on Common Criteria (EUCC) .

National / EU authorities, Private Sector

Navigating through Challenges and Opportunities of Cybersecurity Standardisation

News

On 5 March, the European Standardisation Organisations (ESOs), CEN, CENELEC and ETSI, joined forces with ENISA, the European Union Agency for Cybersecurity, to organise their 8th Cybersecurity Standardisation Conference.
Private Sector
Shield with lock icon. ENISA is a common vulnerabilities and exposures Numbering authority

Another step forward towards responsible vulnerability disclosure in Europe

News

The EU Agency for Cybersecurity (ENISA) expands its support to EU CSIRTs for Coordinated Vulnerability Disclosure and is now authorised as a Common Vulnerabilities and Exposures (CVE) Numbering Authority.

National / EU authorities, Private Sector

Standards

Topics content

ENISA supports the promotion of a single market for cybersecurity products and the securing of all elements of their supply chains.