Outline of activities of Nippon CSIRT Association

The association promotes and supports information sharing and cooperation among CSIRTs in Japan. Computer security incidents should lead to mutual cooperation to limit system damage,
to nationwide early warning announcements, and to joint drills to execute defensive measures. The association also holds workshops and events to support companies to set up new CSIRTs, and offers suggestions to them on improving security.

NCA Publications

CSIRT Starter Kit

"CSIRT Starter Kit" describes the issues that should be carefully addressed and matters that should be defined when creating a computer security incident response team (CSIRT). It also refers to the procedures that should be followed when formulating a plan for incident response in an organization and aims to serve as a general guide for creating a CSIRT.

About the working groups

CSIRTs in the association cooperate with other members to solve mutual challenges. Members can form a working group with any other member and/or participate in any number of groups.

Working group under activity (WG)

Working group for CSIRT challenges

Challenges are identified and analyzed through discussions by members of the CSIRT Association and outside organizations that are considering to form their own CSIRTs. Also,materials are compiled to provide solutions.

Working group for sharing threat information

Information about computer security threats are shared with other CSIRTs in the spirit of close cooperation and mutual trust.

Working group for CSIRT fact sheets

Useful data is compiled for the support and improvement of existing teams and for the creation of new CSIRTs in Japan, by providing and coordinating information such as the purpose, position, authority, number of team members, budget, etc., of each CSIRT.

Working group for technical investigation of incidents

For each security incident, guidelines are formulated to include the investigation of response techniques and forensics analysis techniques, as well as response procedures, that adapt to security incident trends in Japan.

Working group for the examination of framework for use of incident information

The issue of how to utilize incident related information (to share, exchange, and disclose)within the framework of the association is considered.

Working group for Honeynet Project Japan Chapter
Consider the establishment of Honeynet Project Japan Chapter.

Honeynet Project is an organization of a community for security engineers around the world. They promote to develop honeypot software on several projects and provide critical security information through intelligence report such as “Know Your Enemy”.