Services

CIRCL provides a large range of services on a national scale:

Incident Coordination and Incident Handling

The available services are:

• Reporting of security incidents

• Incident identification, triage, analysis and response

• Technical investigation:
  • Incident correlation
  • Malware analysis and reverse engineering
  • System and network forensic analysis
  • Security vulnerability assessment
  • Information leak analysis and data mining
• Online services to support incident response and analysis
  • https://pandora.circl.lu/ - quick, private and simple suspicious document analysis.
  • https://lookyloo.circl.lu/ - check and review URLs and website.
  • https://hashlookup.circl.lu/ - hashlookup online service to check the existence of a file in known public distributions.
• Threat indicators and intelligence sharing platform for the private sector - MISP
• International and national CERT/CSIRT cooperation and also with Local Incident Response Teams (LIRT)
• Incident coordination might also include vulnerability handling and responsible vulnerability disclosure on incident reporter’s request
• Access to the CIRCL newsletter
• Training And Technical Courses (PDF Catalogue)

Incident Handling Support Tools and Services

• Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results.
• URL Abuse and LookyLoo to check and review security of URLs
• cve-search Common Vulnerabilities and Exposures (CVE) web interface and API
• IP address to ASN mapping whois service including 4 years of historical data
• Passive DNS, historical DNS records database (access on request, contact us)
• Passive SSL services, historical database of SSL certificate per IP address (access on request, contact us)
• Dynamic malware analysis platform (access on request, contact us)
• Threat indicators sharing platform for private sector - MISP (access on request, contact us)
• Network services exposure change detection

Data Feeds and Early Detection Network

• Private and public organizations in Luxembourg can benefit from our early detection network by hosting a sensor in their unused network spaces
• CIRCL provides a contextual feed containing all software vulnerabilities including visibility ranking in Luxembourg

Additional Request or Research Project Partnership

CIRCL is also working with private and public organizations in order to foster research in the security field. Don’t hesitate to contact us, if you would like to discuss a research partnership.

CIRCL is actively working on different projects where contributors are welcome to participate and reuse software in their own organizations.