Team Cymru RFC 2350 Profile

1. Document Information

This document complies with RFC 2350.

1.1. Date of Last Update

This is version 1.3 dated 11 October 2022

1.2. Distribution List for Notifications

This profile is kept up-to-date on the location specified in 1.3.

E-mail notification of updates are sent to:

All Team Cymru TI members
The Trusted Introducer for CERTs in Europe

Any questions about updates please address to the Team e-mail address: TI-Team@cymru.com.

1.3. Locations where this Document May Be Found

The current version of this profile is always available at https://www.team-cymru.com/rfc-2350/.

2. Contact Information

2.1. Name of the Team

Full name:

Team Cymru, Inc.

Short name:

Team Cymru

2.2. Address

Team Cymru, Inc.
901 International Parkway
Suite 350
Lake Mary, FL 32746
US

2.3. Time Zone

Global; Main offices in US/Eastern (UTC-0500, UTC-0400 in Summer Time)

2.4. Telephone Number

CERT emergency telephone number: +1 847 378 3301

2.5. Facsimile Number

+1 407 878 7832

2.6. Other Telecommunication

Not applicable.

2.7. Electronic Mail Address

Please send reports which relate to the Team Cymru constituency, including copyright issues, spam and abuse to abuse@cymru.com.

Please send reports of security vulnerabilities or incidents relating to Team Cymru to security@cymru.com.

Non-incident related mail should be addressed to support@cymru.com.

2.8. Public Keys and Encryption Information

Please encrypt any sensitive e-mail with the Team Cymru PGP key and send to: team-cymru@cymru.com

Please sign your messages using your own key which is verifiable using the public keyservers.

All members of Team Cymru can read mail encrypted with the team-cymru@cymru.com key, so you may use it if you cannot find a key for a specific Team Cymru member.

2.9. Team Members

No information is provided about the Team Cymru team members in public.

2.10. Other Information

Further information about Team Cymru can be found at: https://www.team-cymru.com/company/.

Team Cymru is accredited by the Trusted Introducer for CERTs in Europe; see http://www.trusted-introducer.org/teams/team cymru.html for details.

Team Cymru is a member of FIRST (Forum for Incident Response and Security Teams); see: http://www.first.org/members/teams/team_cymru/ for details.

2.11. Points of Customer Contact

The preferred method for contacting Team Cymru is via e-mail.

For general inquiries please send e-mail to info@cymru.com
For Abuse issues please use: abuse@cymru.com
For Security issues please use: security@cymru.com
For Network, server, or service issues please use: support@cymru.com
In an Emergency you can contact Team Cymru at: +1 847 378 3301

Team Cymru’s hours of operation are generally restricted to regular business hours: 09:00 to 17:00 Monday to Friday except public holidays.

3. Charter

3.1. Mission Statement

Since 2005, Team Cymru’s mission has been to save and improve lives by working with public and private sector entities to discover, track and take down threat actors and criminals around the globe.

3.2. Constituency

Worldwide

3.3. Sponsorship and/or Affiliation

Since 2005, Team Cymru’s mission has been to save and improve lives by working with public and private sector entities to discover, track and take down threat actors and criminals around the globe. We do this by delivering comprehensive visibility into global cyber threat activity. Team Cymru collects, processes and aggregates global network traffic and 50+ other types of data to give our clients Pure Signal™. This provides the broadest visibility into malicious activity across the Internet. We are scoring 94,000,000 events per day and delivering that information to our users in an actionable way.

The most advanced cybersecurity teams and investigators around the world rely on our solutions to uncover the who, what, when, where and why of malicious behavior. They also leverage this global visibility to identify, map, and block malicious infrastructure before threats even reach their enterprises’ doorsteps. Our data is incomparable — Pure Signal™ — and our partners and clients use it to make the world a safer place.

3.4. Authority

Team Cymru coordinates security incidents on behalf of their constituency at their constituents’ request.

4. Policies

4.1. Types of Incidents and Level of Support

All incidents are considered normal priority unless they are labeled EMERGENCY.

4.2. Co-operation, Interaction and Disclosure of Information

ALL incoming information is handled confidentially by Team Cymru, regardless of its priority.

When reporting an incident of sensitive nature, please state so explicitly, e.g. by using the label SENSITIVE in the subject field of e-mail, and if possible using encryption as well.

Team Cymru supports the Information Sharing Traffic Light Protocol (ISTLP see https://www.trusted-introducer.org/links/ISTLP-v1.1-approved.pdf) – information that comes in with the tags WHITE, GREEN, AMBER or RED will be handled appropriately.

4.3. Communication and Authentication

See 2.8 above. Usage of PGP/GnuPG in all cases where sensitive information is involved is highly recommended.

5. Services

5.1. Incident Response (Triage, Coordination and Resolution)

Team Cymru can assist system administrators in handling the technical and organizational aspects of computer security incidents.

5.2. Proactive Activities

See the following web pages for Team Cymru internet community services provided at no charge:

Team Cymru provides various also commercial services which are outlined at https://www.team-cymru.com/products/.

6. Incident Reporting Forms

Please report all incidents using (preferably encrypted) e-mail. See section 2.11 above.

7. Disclaimers

None