This is version 1.0, published 2015/09/17.
Notifications of updates are submitted to our constituency using established communication channels.
The current version of this document is available from the PROSEGUR CERT Web site:
This document has been signed with the PROSEGUR CERT's PGP keys. The signatures are also on our Web site, under:
Calle Pajaritos 24,
Central European Time - CET (GMT+0100 and GMT+0200 from April to October)
+34 91 589 83 80 (CET)
Available during normal working hours.
+34 91 589 83 80 (CET) (this is *not* a secure fax)
This is the mail to contact with PROSEGUR CERT.
This is the mail to report a computer security incident.
The PROSEGUR CERT has the following PGP keys:
For information about the PROSEGUR CERT
Key ID: 0x6EF18432
Fingerprint: 5B44 485C C344 A83F 7C9B F5A6 E028 C7A6 6EF1 8432
For Incidents Response
Key ID: 0xC7403B2A
Fingerprint: B1DC FB9E 5FF0 1324 BF08 DC36 4195 0D39 C740 3B2A
Incidents Response Chair is Jorge Alcaín Pro.
Fernando Romero Horcajada
Key ID: 0xDA51B7C
Fingerprint: 9898 8275 E284 A003 4546 14B0 6ABE A4E5 0DA5 1B7C
General information about the PROSEGUR CERT, as well as links to various recommended security resources can be found at
For reporting a computer security incident preferred method is by email at PROSEGUR CERT incidence mailbox firstname.lastname@example.org
Incident Response Team is available 0800-1900 (CET) Monday to Friday Spanish working calendar.
24x7x365 under development.
PROSEGUR launched a new business line focused on cybersecurity management, including cyberattack prevention, detection and response.
PROSEGUR CERT offering is currently comprised of Logical Security (managed security, monitoring and correlation, vulnerability management, source code security and ethical hacking),
Digital Surveillance (content monitoring of open web sources) and Cyberintelligence (content monitoring of non-listed Internet sources, Internet security audits, ad hoc investigations).
PROSEGUR CERT is sponsored by PROSEGUR.
PROSEGUR CERT provide services for PROSEGUR and companies.
Resources will be assigned according to the following priorities:
Types of incidents other than those mentioned above will be prioritized according to their apparent severity and extent.
In most cases, PROSEGUR CERT will provide pointers to the information needed to implement appropriate measures.
The PROSEGUR CERT is committed to keeping its constituency informed of potential vulnerabilities, and where possible, will inform this community of such vulnerabilities before they are actively exploited.
We will cooperate with other organizations in the field of computer security. This cooperation also includes and often requires the exchange of information regarding security incidents and vulnerabilities.
Nevertheless the PROSEGUR CERT will protect the privacy of its constituency and therefore (under normal circumstances) pass on information in an anonymized way only. Unless explicitly authorized, the identity or vital information of victims of computer security incidents will not be divulged.
PROSEGUR CERT operates under the restrictions imposed by the law of Spanish Data Protection Authority. Therefore it is also posible that the PROSEGUR CERT may be forced to disclose information due to a Court’s order.
Telephone and unencrypted e-mail are considered sufficient for the transmission of low-sensitivity data. If it is necessary to send high sensitivity data by e-mail, PGP will be used. Network file transfers will be considered similar to e-mail for these purposes.
Monitoring and correlaction of the systems and digital surveillance with early warning notifications.
PROSEGUR CERT will assist its constituency in handling the technical and organizational aspects of incidents. In particular, it will provide assistance or advice with respect to the following aspects of the incident management:
Incident Response Coordination:
The PROSEGUR CERT will collect statistics concerning incidents which occur within or involve its constituency and will notify the community as necessary to assist it in protecting against known attacks.
PROSEGUR CERT will assist its constituency in reaction to the discovery of new vulnerabilities. A database is maintained collecting information of vulnerabilities, automatically and manually, via network scans and by other means. Penetration testing teams are coordinated.
Proactive services provide means to reduce the number of actual incidents by giving proper and suitable information concerning potential incidents to the constituency. PROSEGUR CERT additional proactive services include:
PROSEGUR CERT will provide its constituency with information about ongoing attacks, security vulnerabilities, alerts in the general sense, and short-term recommended course of action for dealing with the resulting problems.
Auditing of network systems business.
PROSEGUR CERT have a tool of security information and event management (SIEM).
SIEM is a term for software products and services combining security
information management (SIM) and security event management (SEM).
SIEM technology provides real-time analysis of security alerts generated by network hardware and applications.
A repository of various tested security tools and security tolos developed by PROSEGUR CERT will be supplied to the general public via web.
Incident reports could be send by email to PROSEGUR CERT. Please, provide as much detail as possible and attach any relevant file (log, email, image...)
While every precaution will be taken in the preparation of information, notifications and alerts, the PROSEGUR CERT assumes no responsibility for errors, omissions, or for damages resulting from the use of the information contained.