Skip to main content
Home

Main navigation

  • Home
  • About
    • Corporate Info
    • Directors
    • Staff
  • News
  • Publications
    • Newsletters
  • Coloboration
    • fDLuDCf
    • Online Studies with ICE
    • Uprouse with LEARN
  • Network
    • Connectivity
    • Current traffic
    • IPv6
    • Multicast
  • Membership
    • Current Members
    • Obtaining membership
  • Services
    • LEARN-CSIRT
    • LEARN Identity Access Federation
    • LEARN TAC
    • Public Eduroam
    • Video Conferencing Systems
    • eduID - a lifelong Identity
    • eduVPN over Federated Identity Access
    • eduroam
  • Training
    • 2013
      • Kick-off workshop
    • 2014
      • Annual NOC Meeting & Campus Network Design Workshop
      • Network Operations Internship
    • 2015
      • South Asia Network Operators Group (SANOG 25th)
    • 2016
      • Annual NOC Meeting 2015/16 with eduroam Workshop
      • Linux System Architecture and Administration
    • 2017
      • Deployment of IPv6 in Campus Network
      • Annual NOC Meeting 2017 and Network Monitoring and Measurement Workshop
    • 2018
      • Workshop on Network Security
      • Annual NOC Meeting - 2018
      • Workshop on Identity Access Management and Federation
    • 2019
      • Workshop on Campus Network Best Practices
      • A Seminar on Facilitation Digital Conference Service to LEARN R&E Community
      • Institutional Workshops on Facilitating Digital Conference Service to LEARN R&E Community
    • 2020
      • Delve into Zoom Training
      • Identity Access Management Workshop
      • Online Seminar on R&E Tools and Applications powered by LEARN
    • 2021
      • Enabling Services over the LEARN Identity Access Federation
      • Workshop on Network/ Systems Monitoring
    • 2022
      • Workshop on Tuning up Campus Network - 2022
      • Network Management and Measurements Workshop
      • Campus Systems Linux Essentials Workshop
  • Vacancy
  • Contact

Quick links

  • Zoom FAQ
  • eduID - a lifelong identity
  • Video Conferencing Systems
  • Traffic plots
  • Zoom Utilisation
  • Links Performance
  • Test your link speed
  • Diagnose your connectivity
  • Login

Recent News

Intern – Admin Operations
Posted: : Thu, 09/14/2023 - 09:33
Engineering Assistant
Posted: : Mon, 04/03/2023 - 10:52
Identity Access Management Campus Essentials Workshop
Posted: : Mon, 03/13/2023 - 13:09
Female Intern - System/Network 
Posted: : Sat, 03/11/2023 - 13:11
Female Intern - Web Developing
Posted: : Sat, 03/11/2023 - 13:09
Finance Executive
Posted: : Wed, 02/15/2023 - 10:33
LEARN CALL for EOI
Posted: : Wed, 01/18/2023 - 13:03
Kubernetes Engineer
Posted: : Thu, 11/10/2022 - 00:34
Campus Systems Linux Essentials Workshop
Posted: : Thu, 10/20/2022 - 19:44
Online Studies with ICE
Posted: : Wed, 09/07/2022 - 13:51

LEARN-CSIRT

LEARN-CSIRT provides Computer Security Incident Response (Team) Services to our members or user connect with LEARN. LEARN-CSIRT provides a reliable and trusted single point of contact for reporting computer security incidents islandwide. CSIRT provides the means for reporting incidents and for disseminating important incident-related information.

 

LEARN-CSIRT serves to raise awareness among its members of computer security issues, and provides information for secure protection of critical computing infrastructure and equipment against potential organized computer attacks.

 

Members must share in the responsibility of coordinating their response efforts with other similar institutions. Gathering intelligence information from all sources is a critical part of information infrastructure protection. Networking in a trusted environment and sharing incident information and detection and response techniques can play an important role in identifying and correcting weaknesses.

 

Our objective

By establishing this service, we hope to provide security professionals with the means to report, discuss, and disseminate computer security related information among LEARN members. This service is intended to provide information for reporting security incidents and information on technical resources, and to disseminate information quickly, accurately, and efficiently.

 

We concentrate the coordination of incident handling, thereby eliminating duplication of effort. Our focus is to mitigate the potentially serious effects of a severe computer security-related problem. To achieve this goal, we concentrate our efforts not only on the capability to react to incidents but also the resources to alert and inform its constituency.

 

Incident Management Service

LEARN-CSIRT provides both proactive and reactive incident response assistance to members. That is, we actively seek out information from a variety of sources to help find information which may indicate that a member's network or information associated with the member's domain may have been compromised, or could be compromised. The sources are varied but include monitoring malicious activity on the Internet to identify systems that may have been compromised.


 

Incident Coordination

LEARN-CSIRT acts as a trusted intermediary, coordinating communication about incidents between affected parties. When LEARN-CSIRT receives a report of an incident from a member asking us to investigate it, we follow certain well-defined procedures in an effort to obtain resolution or a satisfactory outcome from the appropriate third party. In general, the main purpose of incident coordination is to pass relevant but sanitised information about an incident to affected parties in order that they may themselves, resolve or ‘handle’ the incident.

 

Incident Handling

Our Incident Management Service provides advice to members to assist with identification of a computer security incident or breach, mitigate against further damage and recover from it.

 

In seeking to assist members to effectively handle an incident, we may, with their consent, communicate with other parties such as law enforcement agencies, vendors and other experts around the region.

 

General enquiries

Contact: Network Operations Centre

EMail: csirt at learn.ac.lk,

Lanka Education and Research Network

Information Technology Centre

University of Perdeniya

Peradeniya 20400

Phone: +94 81 200 3035

Fax: +94 81 238 5715