Provide specialized technical support in the various disciplines of incident analysis, when necessary.
The Portuguese National Cybersecurity Centre provides on-site support for the analysis of incidents involving the following communities:
Operators of Essential Services;
Operators of national Critical Infrastructures;
Digital Service Providers;
Cyberattacks are increasingly sophisticated and the resulting incidents are increasingly difficult to analyze, often requiring nonexistent expertise in the organizations affected by the attacks.
Some entities do not have the capabilities needed to perform complex forensic investigations resulting from cyberattacks. In order to provide a response to this need, the Portuguese National Cybersecurity Center has a set of specialized tools and technicians with experience in artifact analysis in the context of incident management, which maybe requested in the case of incidents considered serious.
The on-site support includes providing assistance at the premises of the requesting entity, when analyzing and responding to cybersecurity incidents, by specialized technicians of the Portuguese National Cybersecurity Center.
Depending on the needs in particular, the provided support can, among others, include:
- Forensic analysis to machines or hardware;
- Traffic analysis;
- Malware analysis;
- Contacting with other national or international CSIRTs;
- Issuing recommendations;
- Support in the application of mitigation and resolving measures;
- The Portuguese National Cybersecurity Centre does not execute the mitigation and resolving measures. This responsibility belongs to each of the entities involved.
How to request the service?
The application for on-site support is done through e-mail sent to the address mail firstname.lastname@example.org, containing detailed information on the incident.
We recommend the use of our PGP (Pretty Good Privacy) key:
PGP Fingerprint: B83E AA3C F80B 25C8 7C65 184E 3AC9 DECE A0F7 ACFB
PGP Key ID: 0x0A0F7ACFB