ComCERT SA is an independent, private consulting company focusing in the assistance of its customers facing the dangers of cyber threats and security incidents. Our services are focused on the building and development of our Customers’ capacity to efficiently secure their cyber-environment, early detecting and mitigating the threats and incidents. We build, develop and optimize/excell SOCs (Security Operations Centers) and CERT/CSIRTs (Computer Emergency Response Team/Computer Security Incidents Response Teams) and supply the Cyber Threat Intelligence data, focusing on local content.
Their basic activities include:
- deep monitoring of the Internet including the underground activities (fora, etc), to find the symptoms of planned or executed attacks
- detecting the cyber security threats and incidents (phishings, botnets, APTs, …) endangering our customers activities, and delivering the cybersecurity intelligence feeds to our customers’ security teams,
- undertaking the immediate actions upon information on an security incident, including alarming the customers about the incidents, assisting the customers in the process of combating the threat, mitigating its impact, improving their procedures to avoid similar threats in the future,
- undertaking immediate actions if their customers’ systems’ vulnerabilities detected, assisting the customers to effectively remove such vulnerabilities,
- improving their customers’ competences in dealing with such threats, by developing the competence (both organizational and technical) of the IT security teams, trainings and exercises.
- assisting their Customers in designing, building, and auditing their internal CSIRTs (Computer Security Incident Response Teams) and Security Operations Centers (SOCs).
Their customers are: the major banks (including 3 banks out of the largest 5 operating in Poland), Polish Parliament (Sejm), large critical infrastructure operators (energy and electricity) and numerous corporations.
Part of their activities are commercially funded and part are Pro bono publico: they notify and undertake actions upon detection of the threats targeted at governmental, educational, and non-profit organizations, which are not their customers.
A significant part of ComCERT’s activity is a cooperation with ENISA (European Network and Security Agency). Based on the frame agreement with the Agency ComCERT produces the best practices, guides and other documents for the IT security incident handling teams. One of the important components of this cooperation is a production of exercises scenarios of the CERT teams. They also participate in other internationally funded cybersecurity projects, including a number of cyberexercises. Among others they have been or are involved in building the governmental CERTs in Georgia and Bangladesh, in both countries they have run cybersecurity exercises.
ComCERT SA a Polish joint-stock company active on the market since 2011. The company is led by two seasoned experts, Tomasz Chlebowski and Mirosław Maj, who hold the majority of shares. Among their shareholders there are international entities providing the state-of-the-art know-how and professional approach. One of them controls 2 CERTs in Germany.
ComCERT is an accredited member of Trusted Introducer (European community of CERTs) and Abuse-Forum, cyber-crime fighting informal organization in Poland, and in the process of joining other international fora and groups.
They closely cooperate with the Cyber Security Foundation which is active in the field of the cybersecurity promotion. They jointly run CyberEXE Polska, the only national cyber exercises for the largest entities in Poland (banks, telcos, critical infrastructure companies). Cyber Security Foundation is a member of Anti Phishing Working Group (APWG), organizes the largest and the most prominent IT Security conference in Poland (Security Case Study), and publishes a number of security-related magazines.