Reactive Services

ngCERT Reactive services are designed to respond to requests for support from her contituency. These reports are in the form of incidents from the constituency, and any threats or attacks against information systems in the Nigerian cyberspace.

Alert and Warning

Disseminate information that describes security incidents such as vulnerabilities, intrusion alerts, computer virus, or hoax. Provide any short-term or long term recommended course of action for dealing with the resulting problem. Provide guidance for protecting the systems or recovering any systems that were affected. Notify various parts of the constituencies about the vulnerability and share information on how to fix or mitigate the vulnerability. Communicate with vendors, other CSIRTs, constituent members, and the individual groups who initially discovered or reported the vulnerability.

Vulnerability Assessment and Penetration testing

Vulnerability assessments and penetration testing is one of ngCERT’s on-demand services, perform to protect information systems that are considered Critical National Information Infrastructure(CNII) which may be owned by either public or private sectors of Nigeria. This service is designed to properly secure such information systems.

Incident Handling

Our incident handling services are designed to effectively deter and respond to cyber threats and cybercrime which leverage on an efficient emergency readiness and coordination capability. These include;

  • Incident Analysis
  • Incident Response on Site
  • Incident Response coordination
  • Incident Response Support
  • Forensic evidence collection.
  • Forensic Analysis

    Forensic Analysis is the use of controlled and documented analytical and investigative techniques to identify, collect, examine and preserve digital information. Conducting a forensic investigation and analysis is a key aspect of investigating an information security incident, because data media may contain information which could shed light on the circumstances of the incident, as well as help in identifying the person or group responsible for the breach. The outcome of the analysis can be presented as evidence. With our experienced and certified forensic investigators, utilising best practices, tools and techniques, we can help you establish the cause of breaches, provide advice and services on mitigation and stand in as expert witnesses in court. Generally, our forensic services are performed on the following basis; Order for a forensic investigation by law enforcement and judicial authorities; Inquiries from law enforcement agencies; Agreements with individuals and legal entities. Other forensic services we can provide include;

  • Restoring the chronology of any event of an information system
  • Searching for signs of possible unauthorized access Extraction and analysis of correspondence (email and instant messaging)
  • Searching based on set criteria
  • Forensic investigation of mobile devices
  • Investigation of databases
  • Investigation of skimming devices
  • Investigation of network and RAM dumps
  • Searching for presence of malware
  • Ensuring integrity of data after seizure
  • Vulnerability Handling

    Our Vulnerability Coordinating Team collect, analyze, and validate emerging vulnerabilities to common computing platforms. It further provides on-demand vulnerability analysis to our constituencies that will help reduce security risks posed by all sort of vulnerabilities. Services we provide include;

  • Vulnerability Analysis
  • Vulnerability Response
  • Vulnerability Response Coordination