Archived guidance

Guidance created by the NCSC precursor organisations (CESG, CERT-UK and CPNI) which has not yet been absorbed into the new NCSC web pages.
Showing 1 - 25 of 106 results
Sort by: A-Z|Date
  • Delete button

    Parting (with our Browser Guidance) is such sweet sorrow

    Blog post17 Feb 2017AuthorJon LTopicsArchived guidance

    So long, and thanks for all the fish. Why we're saying goodbye to outdated Firefox, IE and Chrome security guidance.

  • Effective log file management

    Document21 Oct 2016TopicsArchived guidance, CPNI archive

    Archive content originally produced by CPNI that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/006 Selecting a sample for repeating developer tests

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/008 Treatment of commercial hardware that is part of a TOE

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/009 Abstract machine testing and the TOE boundary

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/010 Use of extended components for specifying optional requirements in a PP

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/011 Use of open source/third party source code

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/012 Multi-platform TOEs

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/014 ALC_FLR.3 Requirement for a timely response to security flaws

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • Threat intelligence case studies: cyber attack types

    Document06 Oct 2016TopicsArchived guidance, CPNI archive

    Archive content originally produced by CPNI that has not yet been absorbed into the new NCSC web pages.

    Case studies of real-world incidents, to help you understand how attacks are conducted. Describing real events, they also help show the potential impact of attacks and the failures that lead to compromise.

  • Threat Intelligence: Collecting, Analysing, Evaluating

    Guidance06 Oct 2016TopicsArchived guidance, CPNI archive

    Archive content originally produced by CPNI that has not yet been absorbed into the new NCSC web pages.

    A framework for threat intelligence that can be scaled to different sectors, sizes of organisation, and organisational goals

  • Threat intelligence: executive summary & infographic

    Guidance06 Oct 2016TopicsArchived guidance, CPNI archive

    Archive content originally produced by CPNI that has not yet been absorbed into the new NCSC web pages.

    Why ‘doing’ threat intelligence is important – but doing it intelligently is critical.

  • Threat intelligence: video summary

    Guidance06 Oct 2016TopicsArchived guidance, CPNI archive

    Archive content originally produced by CPNI that has not yet been absorbed into the new NCSC web pages.

    A brief video that introduces the key concepts of threat intelligence.

  • PIANOS: Protecting Information About Networks, the Organisation and its Systems

    Guidance05 Oct 2016TopicsArchived guidance, CPNI archive

    Archive content originally produced by CPNI that has not yet been absorbed into the new NCSC web pages.

    Advice to help organisations impede attackers' progress into their IT infrastructures.

  • The Ongoing Legacy of Windows XP

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages.

    The current place of XP in the OS market, the resultant risks and some advice on mitigation of the risk of still running it.

  • Patch management and vulnerabilities

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages.

    This paper which highlights where shortfalls may lie and suggests methods for improving patch management policies for UK organisations.

  • Demystifying the exploit kit

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages.

  • Phishing – what is it and how does it affect me?

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages

    This report covers the basics of phishing as well as serving as a guide to executives on the importance of training and investing in defences

  • Understanding the security of digital currencies for UK businesses

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages.

    This report provides the information necessary to make an informed decision about adopting digital currencies.

  • Security for Industrial Control Systems

    Guidance01 Oct 2016TopicsArchived guidance, CPNI archive

    Archive content originally produced by CPNI that has not yet been absorbed into the new NCSC web pages.

    A framework and set of good practice guides for securing Industrial Control Systems.

  • An introduction to threat intelligence

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages.

    Two papers dealing with the technical aspects of threat intelligence.

  • Cyber-security risks in the supply chain

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages.

    An introduction to cyber-security risks in supply chains and also provides examples to highlight the benefits of an inclusive approach.

  • Windows Server 2003 End of Life update

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages.

    Options for organisations to minimise the risks faced as the result of Windows Server 2003 end of life.

  • An introduction to social engineering

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages.

    An overview of social engineering techniques used and the steps that can be taken to help you protect your organisation’s information.

  • Denial of service attacks – what you need to know

    Guidance01 Oct 2016TopicsArchived guidance, CERT-UK archive

    Archive content originally produced by CERT-UK that has not yet been absorbed into the new NCSC web pages.

    What is meant by DOS/DDOS and how this type of attack works.