LLMpediaThe first transparent, open encyclopedia generated by LLMs

CERT.at

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: CERT-EU Hop 4
Expansion Funnel Raw 3 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted3
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
CERT.at
NameCERT.at
Established2006
JurisdictionRepublic of Austria
HeadquartersVienna
Parent agencyAIT Austrian Institute of Technology

CERT.at is the national computer security incident response team for the Republic of Austria, operating as a national cyber security coordination point. It provides incident handling, vulnerability coordination, and public advisories for Austrian public and private sector entities while interacting with European and international cyber security bodies. CERT.at works with national institutions, multinational organizations, research institutes, and standards bodies to enhance situational awareness and resilience against malicious cyber activity.

History

CERT.at traces its institutional roots to initiatives in Austrian information security and national infrastructure protection during the early 2000s, following developments in cyber incident response across North America and Europe such as the creation of the CERT Coordination Center and national teams like US-CERT. The establishment formalized technical incident response capabilities at the national level in Austria amid growing threats exemplified by incidents involving advanced persistent threat groups and large-scale worm outbreaks like Conficker. Over time CERT.at engaged with European Commission cyber security programs, participating in policy dialogues alongside agencies such as ENISA and national counterparts including CERT-FR, CERT-UK, and CERT-DE. Major milestones included expansions of services aligning with EU directives and cooperative frameworks inspired by experiences from events like the NotPetya outbreak and WannaCry ransomware incident.

Organization and Governance

CERT.at is structured within the Austrian cyber ecosystem under the auspices of the AIT Austrian Institute of Technology, coordinated with ministries and regulatory bodies including the Federal Chancellery and sectoral authorities. Governance mechanisms involve technical steering by cyber security experts and liaison officers connecting to institutions such as the European Commission, ENISA, NATO Cooperative Cyber Defence Centre of Excellence, and national regulators. Operational relationships include collaboration with law enforcement agencies like the Federal Criminal Police Office, judicial bodies, and intelligence services, while policy interfaces reach ministries responsible for digital affairs and infrastructure. CERT.at participates in international fora with representatives from organizations such as the Council of Europe, OECD, and the United Nations Office on Drugs and Crime to align incident response and disclosure practices.

Services and Activities

CERT.at provides a portfolio of services including incident handling, vulnerability coordination, early warning and situational awareness, and outreach such as training and exercises. It issues advisories and technical notes in collaboration with software vendors and standards organizations like ISO, IEC, and IETF, and coordinates disclosures involving commercial vendors including Microsoft, Cisco, and Red Hat. CERT.at operates monitoring and analysis capabilities leveraging intelligence feeds from CERT-EU, CIRCL, FIRST, and commercial providers, and supports capacity building with universities and research centers including TU Wien, Graz University of Technology, Johannes Kepler University Linz, and the University of Vienna. Services extend to awareness campaigns aimed at operators of critical infrastructure sectors such as energy, telecommunications, finance, and transportation, engaging stakeholders including Austrian Power Grid, ÖBB, and national banks.

Incident Response and Advisories

CERT.at conducts incident response workflows covering detection, containment, eradication, and recovery, collaborating with national Computer Emergency Response Teams such as AusCERT, US-CERT, CERT.NZ, and JPCERT. It produces advisories on malware variants, zero-day vulnerabilities, and coordinated disclosure notices, aligning practices with the Coordinated Vulnerability Disclosure policies advocated by organisations like FIRST and responsible disclosure norms from Project Zero. During major incidents CERT.at liaises with CERT-EU, EUROPOL, INTERPOL, and national CERTs to enable cross-border mitigation, and works with vendors and open source projects such as Debian, Ubuntu, Apache, and OpenSSL for patch coordination. Incident reporting channels connect to sector regulators including the Financial Market Authority and telecommunication regulators to ensure compliance with notification frameworks influenced by the NIS Directive and subsequent legislative instruments.

Partnerships and Cooperation

CERT.at maintains partnerships spanning European institutions, multinational organizations, academia, and private sector entities. It engages with ENISA, the European Commission’s cyber units, the NATO CCDCOE, and the EUROPOL European Cybercrime Centre for strategic cooperation. Memoranda of understanding and technical exchange occur with peer teams such as CERT-Bund, GOVCERT.NL, CERT-CH, and CERT-PL, and collaboration with research labs like Fraunhofer, AIT, and the Austrian Institute of Technology supports applied research. Industry partnerships involve coordination with major vendors and cloud providers including Amazon Web Services, Google Cloud, Microsoft Azure, and security vendors like Kaspersky, CrowdStrike, and Palo Alto Networks. CERT.at participates in exercises and information-sharing communities such as TF-CSIRT, FIRST, and national cyber exercises alongside ministries and operators of essential services.

Technology and Research

CERT.at leverages technologies for traffic analysis, intrusion detection, malware sandboxing, threat intelligence platforms, and automated vulnerability scanning, integrating tooling from projects and standards endorsed by IETF, MITRE (including ATT&CK), and OASIS. Research collaborations involve Austrian technical universities and international research consortia working on topics like threat attribution, intrusion detection system development, industrial control system security, and secure software development lifecycles. CERT.at contributes to publications, white papers, and technical reports informed by datasets and methodologies used by organizations such as CERN for large-scale data analysis, and partners with open source communities including the Apache Software Foundation, Linux Foundation, and OpenSSL project to improve ecosystem security. It also engages with cryptographic research communities and standards bodies like ETSI for secure communication protocols and resilience in national critical infrastructure.

Category:Computer emergency response teams Category:Cybersecurity in Austria Category:AIT Austrian Institute of Technology