The new cybersecurity incidents management procedure for the GARR network is online.
The procedure was updated in order to better adapt to the recent evolution of security problems. It covers explicitely the cases where a GARR network node is the origin of the target of the incident, and introduces specific procedures for cases with multiple sources or targets of the attacks, e.g. distributed SYN-Flood. To make further updates more agile and timely, so to effectively respond to emerging security threaths, GARR Acceptable User Policy was also updated and now its provisions include that the security incidents management procedure can be updated at need.