النسخة العربية

Oman National CERT Towards a safe cyber environment

Regional Cybersecurity Week 2019

Regional Cybersecurity Week 2019

The 2nd Regional Cybersecurity Week will be held from 27th to 31st October 2019 in Kempinski Hotel, Muscat, Sultanate of Oman...

View
OIC-CERT Drill 2019

OIC-CERT Drill 2019

The OIC-CERT1 Drill is an annual event for the OIC-CERT member teams ...

View
National Cyber Security Drill ( Malware and dark web: The Persistent Threat )

National Cyber Security Drill ( Malware and dark web: The Persistent Threat )

The objective of this Cyber Drill is to enhance communication, teamwork, and participating teams’ incident response capabilities to ensure continued collective efforts against cyber threats through the CIRT of the region.

View
Oman Threat Hunters 2019

Oman Threat Hunters 2019

The ITU- Arab Regional Cybersecurity Centre (ITU-ARCC), hosted by Information Technology Authority and Oman National CERT, and in partnership with Silensec , is organizing “Threat Hunters 2019” , a national cybersecurity competition.Registration is open now through : https://cyberstars.pro/profile/register/

View
ISO/ IEC 27001: 2013 Lead Auditor training course – IRCA Certified

ISO/ IEC 27001: 2013 Lead Auditor training course – IRCA Certified

The ISO/IEC 27001 Lead Auditor training is an intensive five-day course where you’ll discover internationally- recognized best practice auditing techniques so you can confidently lead auditing activities...

View

Share it

Online Incidents Report
Request OCERT Services
Information Security Glossary

Reactive Services

Reactive Services

Reactive Services

Reactive services are designed to respond to requests for assistance, reports of incidents from the OmanCERT constituency, and any threats or attacks against OmanCERT systems. Some services may be initiated by viewing and monitoring website URL.


Incident Handling

Incident handling involves receiving, triaging, and responding to requests and reports, and analyzing incidents and events.

  • Provide Incident investigation via log analysis, and tracking or tracing the origins of the intrusion.
  • Provide Incident response support by assisting and guiding the victim(s) of an attack in recovering from an incident via remote access and management, phone, email, fax, or documentation.
  • Provide incident response coordination among parties involved in the incident.

Incident Analysis

Incident analysis is an examination of all available information and supporting evidence or artifacts related to an incident or event

  • Identify the scope of the incident, extent of damage caused by the incident, nature of the incident and available response strategies or workarounds
  • Look at patterns, trends and interrelations or intruder signature
  • Perform tracing or tracking of the origins of an intruder or identifying systems to which the intruder had access.
  • Provide a complete and up to date analysis of what had happened to a specific system.
  • Provide the Offsite / Onsite log analysis if needed

Incident Response Support

OmanCERT team will guide and assist the victim of an attack in recovering from an incident via remote methods: fax, phone, or email.

  • Provide technical assistance in the interpretation of data collected, provide contact information, or relay guidance on mitigation and recovery strategies to the user based on analysed data and information gathered.
  • Provide remote guidance and assistance on mitigation and recovery strategies.

Incident Response Coordination

The CERT team performs coordination among different victims of the attack and all parties involved in providing support to the victim(s).

  • Collect contact information, notify victim(s) or source of attack, collect statistics about number of sites involved and facilitate information exchange.
  • Coordinate with relevant parties that provide IT support to victim, such as Internet Service Providers, and other CSIRTS as needed.
  • Notify and collaborate with the Legal Department, Human Resource or Public Relations and Law Enforcement if necessary.
  • Report an Incident