BGD e-GOV CIRT receives information regarding cyber security incidents, triage incidents and coordinate response. The incident handling unit provides following services:
- Vulnerability Assessment
Constantly performing vulnerability assessment to finding and measuring the severity of vulnerabilities on assets located at the National Data Center as well as these activities can be provided to the constituency on a special official request.
- Penetration Test
Performs penetration test to breach security defenses on assets as well as provides the remediation for vulnerabilities by signing rules of engagement with constituency.
- Incident Analysis
Analyze incident evidence to find out the root cause of how the attack has been made by the attacker and provides the best practice guidance in order to prevent further attacks.
- Security Threat Notification
Receives cyber security threat information like zero-day vulnerability, malware information, ransomware infection details etc. from trusted sources, filters and distributes them among the constituency.
- Incident Coordination
Receives incident notification related to BGD e-GOV CIRT’s constituent networks from trusted CERT communities and forward those incidents to the concern constituents for mitigation.
- Discover the security flaws of the assets.
- Measure security defenses against cyber attacks.
- Mitigate the potential damage after a security incident.
- Strengthen your security defenses against future incidents with lessons learned.
- Be prepared for advanced cyber attacks by receiving threat notifications.
Incident Handling workflow:
- Incident identification
- Incident logging
- Incident categorization
- Incident prioritization
- Initial diagnosis
- Incident Escalation
- Incident resolution
- Incident closure