About C-SIRT
Heimcore C-SIRT
Welcome to Heimcore, a technology solutions company that specializes in the protection of business systems and data.
Our team of highly trained professionals offers technological security services, including our CSIRT (Computer Security Incident Response Team) service.
 
															Mission
Our mission is to provide customized and effective technology security solutions that help protect our clients against cyber threats.
Vision
Our vision is to be the leading provider of technological security solutions and to be recognized for our innovative approach and our ability to adapt to the needs of our clients.
What is
Heimcore CSIRT is our computer security incident response team. We offer a wide range of specialized services to help organizations identify, prevent and respond to computer security incidents.
Our services include threat monitoring and detection, incident response, incident analysis, and security consulting, among others.
Why choose Heimcore CSIRT?
 
															Heimcore Incident Response Process:
Our Team:
Incident Response
Assessment
Containment
Analysis
Mitigation
We then take steps to mitigate the impact of the incident, including restoring systems and implementing additional security measures to prevent future similar incidents.
Report
Features of Heimcore CSIRT
Experience and Technical Skills:
Monitoring and Detection:
Clear Processes and Procedures:
Training and Education:
Collaboration and Coordination:
Current cooperation with other regional CSIRTs:
 
															1. HEIMCORE C-SIRT Scope
2. Incident Types and Support Levels
HEIMCORE C-SIRT establishes various levels of support depending on the nature and severity of the incidents, as well as the impact they may have on the operations and security of companies. Support levels are classified as follows:
– Level 1: Critical incidents that require an immediate and priority response. They include attacks that compromise the integrity, confidentiality or availability of systems and data, as well as threats that put the physical security of users at risk.
– Level 2: High priority incidents that require a timely response. They include attacks that affect the availability of services, compromise sensitive information, and threaten to have a significant impact on the security of systems.
– Level 3: Medium priority incidents that require a response within a reasonable time frame. They include incidents that do not represent an immediate risk but require attention and follow-up to avoid possible negative consequences.
– Level 4: Low priority incidents that can be addressed over a longer time frame. They include minor or lower-impact incidents that do not require an immediate response, but must be evaluated and resolved within a reasonable time.
HEIMCORE C-SIRT support levels are established based on the type and severity of the incidents or problems reported, as well as the size of the affected community and the resources available at the time. The CSIRT response will be provided within a reasonable time frame and resources will be allocated according to the following priorities, in descending order:
- Threats to Physical Security:
Priority will be given to dealing with incidents that pose an immediate risk to people’s physical integrity.
- Attacks on Critical Infrastructure:
Incidents affecting information management systems or network infrastructure will receive a rapid and focused response.
- Attacks on Public Service Equipment:
Incidents affecting public service equipment, whether multi-user or dedicated, will be addressed in order to minimize the impact on the provision of essential services.
- Confidential Information Commitment:
Incidents involving unauthorized access or exposure of sensitive information will be addressed on a priority basis, especially those affecting restricted accounts or administration systems.
- Denial of Service Attacks:
Denial of service attacks affecting any of the above points will be responded to in a timely manner in order to mitigate the impact on the availability of systems and services.
- Other Types of Attacks:
Attention will be given to other types of attacks not mentioned above, assessing the severity and scope of each case individually.
- Incident Investigation and Response:
Thorough investigations will be conducted and incident responses will be provided within a reasonable time frame, taking into account the availability of resources and the priority assigned to each case.
It is important to note that priority of care may be adjusted based on the specific circumstances of each incident and the risk assessment performed by the HEIMCORE C-SIRT. The main objective is to ensure the security and protection of the infrastructure and assets of the organizations involved, as well as to minimize the impact caused by security incidents.
 
															3. Communication and Information Sharing
HEIMCORE C-SIRT promotes communication and information sharing to collaborate in the prevention and resolution of security incidents. Cooperation agreements will be established with other CSIRTs, security agencies and service providers to exchange information on threats, vulnerabilities and best practices. The communication of information will be governed by the following guidelines:
Confidentiality
The identity and confidential information of clients and Heimcore will be protected at all times. Information classified as confidential will be handled in accordance with Heimcore's internal policies and procedures.
Authentication
Authentication and validation measures will be implemented for the identity of the parties involved in the communication of sensitive information.
4. Publication of Information
HEIMCORE C-SIRT is committed to complying with all legal and ethical restrictions related to the sharing of information. We recognize the importance of fostering collaboration and cooperation in the field of computer security to prevent and resolve incidents effectively. Our information disclosure policy is based on the following principles:
- Confidentiality of Private Information:
Private User Information: No identifiable information about individual users or specific applications will be published outside of the HEIMCORE C-SIRT. Users’ identities will be protected and modified to preserve their anonymity in any presentation or report.
Intruder Information: No information that could identify intruders will be shared unless required by legal or judicial matters and will be shared only with competent authorities and other trusted CSIRTs.
- Responsible Disclosure:
Vulnerability Information: Technical information on vulnerabilities, attacks and mitigations will be shared, following best practices and agreed procedures. Reasonable efforts will be made to notify manufacturers prior to public disclosure on the Internet.
Private Information from Sites or Systems: No specific technical information about systems or sites will be disclosed without the prior consent of those responsible for such infrastructure.
Sensitive Information: Information that may cause embarrassment or harm to individual users, organizations or groups will not be published without their express consent.
- Communication and Cooperation:
CSIRT Heimcore Member Exchange: Heimcore network members will be provided with the information necessary to address security incidents in their respective areas of responsibility and jurisdictions.
Heimcore CEO: Heimcore’s CEO will have access to relevant information on security incidents and related issues to make decisions and coordinate necessary actions.
Heimcore Network Administrators: Heimcore member network administrators will receive relevant information to troubleshoot and protect their networks, servers and systems.
Heimcore Users: Users will be provided with information regarding the security of their accounts and will be assisted in investigating and mitigating any incidents affecting their systems.
Heimcore Community: Unrestricted information will be shared with the general community unless otherwise specified by the affected parties. The dissemination of statistical information and good practices will help raise awareness and strengthen security in the community.
External Cooperation: The HEIMCORE C-SIRT will collaborate responsibly and confidentially with other CSIRTs, entities, and manufacturers in resolving security incidents and improving the overall security environment.
We are committed to providing effective cooperation and confidentiality in all exchanges of information by following applicable laws and regulations. Security and privacy protection are our priority as we work together to maintain a safe digital environment for all Heimcore members and the community at large.
- Continuous Evaluation and Improvement
The HEIMCORE C-SIRT will conduct periodic evaluations of its performance and effectiveness in managing incidents. Metrics will be collected, and results analyzed to identify areas for improvement and implement corrective actions. The goal is to maintain a high level of quality in incident response and to adapt to new security threats and challenges.
These policies establish the guidelines and principles that govern the operations of HEIMCORE C-SIRT in managing security incidents. They will be reviewed and updated periodically to ensure their validity and relevance in a constantly evolving environment.
Legal Notice:
While every precaution has been taken in the preparation of information, notifications and alerts, HEIMCORE C-SIRT assumes no responsibility for errors, omissions or damages resulting from the information contained herein. HEIMCORE C-SIRT reserves the right to modify these policies at any time without prior notice.
- Call us
Heimcore SOC/CSIRT Team
PUC: 57 (601) 5804352
Mobile #: 304 2218925
- Write to us
csirt@heimcore.com.co
- Address
Calle 98 # 70-91 Oficina 202-203
Centro Empresarial Pontevedra –
Bogotá, Colombia.
- Opening hours
Sunday to Sunday
24/7
SOC First Level Support
- PGP Key
We guarantee your privacy: Implement PGP with our public key to encrypt your messages. Contact us for more information.
KEYID: 8996 1E77 367A 3BDB FINGERPRINT: E17A 2391 D092 8658 0197 AE6E DF2A 0615 F3E3 2CB4