CSIRT Description for LION-CSIRT
-----------------------------

1. About this document

	1.1 Date of Last Update

		This is version 1.0, published 2024/05/02

	1.2 Distribution List for Notifications

		Not available

	1.3 Locations where this Document May Be Found

		The current version of this CSIRT description document is available from the LION-CSIRT WWW site; its URL is
        
		https://www.lantechlongwave.it/wp-content/uploads/2024/05/RFC2350_LION-CSIRT.txt
        
	1.4 Authenticating this Document

		This document has been signed with the LION-CSIRT PGP key.  

		https://www.lantechlongwave.it/wp-content/uploads/2024/05/RFC2350_LION-CSIRT_signature.txt

	1.5 Classification

		This document has been classified as Public (TLP:CLEAR)

2. Contact Information

	2.1 Name of the Team

		"LION-CSIRT": Lantech Longwave Cybersecurity Team

	2.2 Address

		LION-CSIRT
		Lantech Longwave SPA
		via Danubio, 9
		42124 Reggio Emilia (RE)
		Italy

	2.3 Time Zone

		CET Central European Time

	2.4 Telephone Number

		Office Business Hours:	+39 0522 375511
		H24: 			+39 049 8933993 

	2.5 Facsimile Number

		Not available

	2.6 Other Telecommunication

		None available

	2.7 Electronic Mail Address

		csirt@lantechlongwave.it

		This is a mail alias that relays mail to the human(s) on duty for the LION-CSIRT

	2.8 Public Keys and Other Encryption Information

		csirt@lantechlongwave.it
			https://www.lantechlongwave.it/wp-content/uploads/2024/05/LION-CSIRT_0xD4BB6BE4_public.asc
			Key ID: 0x322A B5F4 B55E E08F
			Fingerprint: 7743 3A8B 8527 C349 65E8 F870 EB06 F211 D4BB 6BE4

	2.9 Team Members

		The names and information of LION-CSIRT members are not made public

	2.10 Other Information

		General information about the LION-CSIRT can be found at

		https://www.lantechlongwave.it/servizio/security-cybersecurity-services/

	2.11 Points of Customer Contact

		The preferred method for contacting the LION-CSIRT is via e-mail at 

		csirt@lantechlongwave.it 

		If it is not possible (or not advisable for security reasons) to use e-mail, the LION-CSIRT can be reached by telephone.
     
		Business Hours - 08:00-18:00 Monday to Friday except italian holidays
		H24 - 00:00-24:00 Monday to Sunday 
     
3. Charter

	3.1 Mission Statement

		The purpose of the LION-CSIRT is, first, to protect assets and information of customers implementing proactive and reactive measures to reduce the risk of security incidents, and second, to assist in responding to such incident when they occur
	
	3.2 Constituency

		The LION-CSIRT constituency is Lantech Longwave SPA. Lantech Longwave was born from the union of two leading companies and from the subsequent acquisitions of other territorial excellences in the ICT sector. A team of hundreds of people: passionate and competent IT professionals, able to accompany customers in choosing the most innovative, secure, integrable and high-performance technological solutions in the Security and Cybersecurity, Networking, IT and Cloud, Collaboration and AV Integration fields, Communication and Software Development. The company design, manage and integrate a wide range of modular, innovative, safe and high-performance solutions and services, created to give to customers value and make a difference     

	3.3 Authority

		As a commercial CSIRT, LION-CSIRT operates under contractual agreements established with its customers

4. Policies

	4.1 Types of Incidents and Level of Support

		The LION-CSIRT is authorized and ready to address all types of security incidents which occur, or threaten to occur, in its scope, as specified in contractual agreements

	4.2 Co-operation, Interaction and Disclosure of Information

		LION-CSIRT supports and promotes operational coordination and information exchange between CSIRTs. Collaborate with other organizations in the field of cybersecurity while respecting legal frameworks. It interacts according to specific agreements and respecting laws, protocols and good practices for sharing information.

	4.3 Communication and Authentication

		Plaintext information can be exchanged using traditional methods such as unencrypted email and telephone. When sharing classified information (the TLP protocol is not only supported but recommended), PGP signature and encryption mechanisms are used

5. Services

	5.1 Monitoring and Detection

		Monitoring and information collection in terms of cybersecurity, detection of cybersecurity threats, identification of the criticality, prioritization

	5.2 Incident Response and Coordination

		LION-CSIRT assist and support customers in properly handling an incident, including but not limited to incident triage, incident coordination, analysis, containment, mitigation, eradication, recovery. If required LION-CSIRT can provide with on site intervention 

	5.3 Vulnerability management

		LION-CSIRT offer services of vulnerability detection, analysis, contextualization and correction

	5.4 Technology management
		LION-CSIRT is able to manage the technologies responsible for securing its customers' infrastructures and data
		
	5.5 Other Services
		Awareness, security advisory, security consulting

6. Incident Reporting Forms

	Incident can be reported via email or by phone. LION-CSIRT will ask the interlocutor for all the information necessary for a correct proposal for the management of the incident

7. Disclaimers

	While every precaution has been taken in the preparation of information, notifications and alerts, LION-CSIRT assumes no liability for errors, omissions or damages resulting from the use of the information contained in this document