CNW
Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States’ appointed CSIRTs and CERT-EU.
Install / Use
/learn @enisaeu/CNWREADME
For more information about the EU CSIRTs network, its members and how to get in contact please visit https://csirtsnetwork.eu/
Please note that the list of publications by CSIRTs NW members and partners is currently under construction.
CSIRTs Network - Security Guidance
Guidance publications
Advisory collections
Security best-practices
- Business Continuity
- Authentication
- Network Security / Architecture
- Cloud Security
- Monitoring / Logging
- Email Security
- Incident Response
- Industrial Control System / IOT Security
- Webserver Security
- Additional Publications
Vulnerability Handling
CNW Member Warnings and Advisories
CNW Member Repositories
Trainings
Business Continuity
Backups
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | EU | ENISA | EN | Guidance on Secure Backups (1 September 2021) | | LU | CIRCL | EN | TR-55 - SquashFu - an alternate Open Source Backup solution, resilient to Crypto Ransomware attacks (12 September 2018) |
DDoS protection
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | AT | CERT.at | DE | DDoS Angriffe gegen Unternehmen in Österreich | | BE | CERT.be | FR | DDOS: protection et prévention [PDF] | | DE | BSI | DE | Praktische Informationen zur Vermeidung von DDoS-Anfällen und Hilfestellungen bei der Reaktion | | EUI | CERT-EU | EN | DDoS Overview and Response Guide | | FI | NCSC-FI | FI | Neuvoja palvelunestohyökkäyksen estämiseksi [PDF] | | FR | CERT-FR | FR | Comprendre et anticiper les attaques DDoS [PDF] | | HU | NCSC-HU | HU | Védekezés a szolgáltatás megtagadásra irányuló DOS támadások ellen [PDF] (10 March 2022) | | LT | CERT-LT | LT | APSAUGA NUO PASLAUGŲ TRIKDYMO KIBERNETINIŲ ATAKŲ [PDF] (5 November 2021) | | LU | CIRCL | EN | TR-19 - UDP Protocols Security - Recommendations To Avoid or Limit DDoS reflection / amplification (8 July 2015) | | NL | NCSC-NL | NL | Factsheet Continuïteit van online diensten (02 March 2023) | | NL | NCSC-NL | NL | Factsheet Technische maatregelen voor continuïteit voor online diensten (02 March 2023) | | PL | KNF CSIRT | PL | Dobre praktyki w zakresieprzeciwdziałania atakom DDoS [PDF] | | PL | KNF CSIRT | EN | Good Practices in DDoS countermeasures [PDF] | | SE | CERT-SE | SE | Råd gällande förebyggande och hantering av överbelastningsangrepp (21 February 2023) |
Authentication
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | NL | NCSC-NL | NL| Volwassen authenticeren | | NL | NCSC-NL | NL | Factsheet Gebruik tweefactorauthenticatie (17 March 2023) | | PL | CERT-PL | PL | Hasła - Materiałów, kierowany do wielu grup odbiorców |
Network Security / Architecture
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | NL | NCSC-NL | NL | Zero Trust | | NL | NCSC-NL | NL | SOC inrichten: begin klein | | NL | NCSC-NL | NL | Kennisproduct Omgaan met edge devices |
Cloud Security
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | DE | BSI | DE | Cloud Computing Grundlagen | | FR | ANSSI | FR | Prestataires de service d’informatique en nuage (SecNumCloud) | | FR | ANSSI | FR | RECOMMANDATIONS POUR L’HÉBERGEMENT DANS LE CLOUD DES SYSTÈMES D’INFORMATION SENSIBLES [PDF] | | FR | ANSSI | FR | RECOMMENDATIONS ON HOSTING SENSITIVE INFORMATION SYSTEMS IN THE CLOUD | | EU | ENISA | EN | Cloud Security - Publication Node |
Monitoring / Logging
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | EU | ENISA | EN | Proactive detection – Measures and information sources (26 May 2020) |
Email Security
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | CZ | NÚKIB | EN | Methods of increasing the protection of email systems [PDF] | | EUI | CERT-EU | EN | E-Mail Sender Adress Forgery Mitigation [PDF] | | EUI | CERT-EU | EN | DMARC — Defeating E-Mail Abuse [PDF] | | LU | CIRCL | EN | TR-60 - Phishing - Effects and precautions (26 June 2020) | | PL | CERT-PL | PL | Mechanizmy weryfikacji nadawcy wiadomości |
Incident Response
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | EUI | CERT-EU | EN | Security White Paper 2017-002_Detecting Lateral Movements in Windows Infrastructure | | EUI | CERT-EU | EN | Security White Paper 2011-003 - Windows Malware Detection (Incident Response Methodology) | | EU | ENISA | EN | Standards and tools for exchange and processing of actionable information (19 January 2015) |
Webserver Security
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | LU | CIRCL | EN | TR-26 - Security Recommendations for Web Content Management Systems and Web Servers (28 April 2015) | | LU | CIRCL | EN | TR-66 - Webservers with mod_status like debug modules publicly available leak information (6 December 2021) |
Industrial Control System / IOT Security
| Country | Organisation | Language | Material | | :-----: | :----------: | :------: | :------ | | DE | BSI | EN | Industrial Control System Security | | DE | BSI | DE | Industrielle Steuerungs- und Automatisierungssysteme (ICS)] | | DE | BSI | EN | Industrial Control System Security: Top 10 threats and countermeasures 2022 | | HU | NCSC-HU & SeConSys | HU | Villamosenergetikai ipari felügyeleti rendszerek kiberbiztonsági kézikönyve 2022 [PDF] (3 March 2022) | | NL | NCSC-NL | NL | [Basis-beveiligingsmaatregelen Slimme Apparaten (IoT) (25 March 2023)](https://www.ncsc.nl/documenten/factsheets/2019/juni/01/f
Security Score
Audited on Mar 31, 2026