Search

By Topics

By Type

Published on

ENISA CSIRT maturity assessment model

Publications

This is the updated version of the "Challenges for National CSIRTs in Europe in 2016: Study on CSIRT Maturity" published by ENISA in 2017. The study takes all relevant information sources into account, with a special emphasis on the NIS Directive,…
National / EU authorities, Private Sector

ENISA Maturity Evaluation Methodology for CSIRTs

Publications

This is the updated version of the "Study on CSIRT Maturity – Evaluation Process" published by ENISA in 2017. The new version (v.2) reflects values that are consistent with other documents and studies on CSIRT maturity.
National / EU authorities, Private Sector

Reference Incident Classification Taxonomy

Publications

This taxonomy resulted from collaboration initiatives such as the annual ENISA/EC3 Workshop which involved CSIRTs, LEAs, ENISA, and EC3. Other examples include the eCSIRT.net taxonomy2 which was developed in 2003, and the eCSIRT.net mkVI taxonomy3…
National / EU authorities, Private Sector

A good practice guide of using taxonomies in incident prevention and detection

Publications

The aim of this document is to provide good practices on using taxonomies for incident detection and prevention by taking into account the input received from the CSIRT community and relevant information from previous ENISA studies. In addition, it…
National / EU authorities, Private Sector

Economics of Vulnerability Disclosure

Publications

Vulnerability disclosure refers to the process of identifying, reporting and patching weaknesses of software, hardware or services that can be exploited. The different actors within a vulnerability disclosure process are subject to a range of…
National / EU authorities, Private Sector
European Union Vulnerability Database - promotional image

Consult the European Vulnerability Database to enhance your digital security!

News

The European Union Agency for Cybersecurity (ENISA) has developed the European Vulnerability Database - EUVD as provided for by the NIS2 Directive. The EUVD service, to be maintained by ENISA, is now…

National / EU authorities, Private Sector
Visual with an attention sign and logos of ENISA, European Commission, and CERT-EU, with the text: 'Joint statement – Assessment and advice on Microsoft SharePoint Server.'

Joint Statement on SharePoint vulnerabilities - Assessment and advice on recovery and mitigating actions

News

The European Commission, the EU Agency for Cybersecurity (ENISA), the Cybersecurity Service for the Union institutions, bodies, offices and agencies (CERT-EU), and the network of the EU CSIRTs, are closely…

National / EU authorities, Private Sector
Shield with lock icon. ENISA is a common vulnerabilities and exposures Numbering authority

Another step forward towards responsible vulnerability disclosure in Europe

News

The EU Agency for Cybersecurity (ENISA) expands its support to EU CSIRTs for Coordinated Vulnerability Disclosure and is now authorised as a Common Vulnerabilities and Exposures (CVE) Numbering Authority.

National / EU authorities, Private Sector

Coordinated Vulnerability Disclosure: Towards a Common EU Approach

News

The new report of the European Union Agency for Cybersecurity (ENISA) explores how to develop harmonised national vulnerability programmes and initiatives in the EU.
National / EU authorities, Private Sector

Coordinated Vulnerability Disclosure policies in the EU

News

The European Union Agency for Cybersecurity (ENISA) publishes a map of national Coordinated Vulnerability Disclosure (CVD) policies in the EU Member States and makes recommendations.

National / EU authorities, Private Sector