CSIRT-PoliTO
Computer Security Incident Response Team of Politecnico di Torino
RFC 2350
----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
1. Document Information
1.1 Date of Last Update
Version 1.0, published on the 1st of January 2026.
1.2 Distribution List for Notifications
Notifications of updates are submitted to the mailing list (in Italian):
csirt@polito.it
1.3 Locations where this Document May Be Found
The current version of this document is available from the CSIRT-PoliTO WWW
site:
https://csirt.polito.it/rfc2350
1.4 Authentication of this document
This document has been signed with the CSIRT-PoliTO PGP Master Key.
1.5 Revision History
1.0 - First release.
2. Contact Information
2.1 Name of the Team
CSIRT-PoliTO: the Politecnico di Torino Computer Security Incident Response
Team.
2.2 Address
CSIRT-PoliTO c/o
Politecnico di Torino
Corso Duca degli Abruzzi, 24
I 10129 Torino (TO) ITALY
2.3 Time Zone
Central European (GMT+0100 and GMT+0200 from the last Sunday of March to
the last Sunday of October).
2.4 Telephone Number
+39 011 090.6116
+39 011 090.6698
+39 011 090.6693
2.5 Other Telecommunication
None available.
2.6 Electronic Mail Address
csirt@polito.it
Messages sent to this address are received by all CSIRT-PoliTO members.
2.7 Public Keys and Encryption Information
CSIRT-PoliTO has a PGP Master Key, used to sign CSIRT-PoliTO's official
documents (including this one):
--------------------------------------------------------------------------------
pub 2025/11/20 CSIRT-PoliTO Master Key
Fingerprint: 4268 54FF DFB0 3C59 0A1B 20BA 8461 198B 5458 9807
--------------------------------------------------------------------------------
It can be found at the CSIRT-PoliTO PGP page or at the PGP Public Key
Servers (ex. https://keys.openpgp.org).
Details on the PGP keys of CSIRT-PoliTO members can be found at:
https://csirt.polito.it/pgp_keys
2.8 Team Members
Enrico Venuto, of Politecnico di Torino, is the Head of CSIRT-PoliTO.
He is also the CISO and the the Head of the Cybersecurity & IT for Research
Division.
The other team members are listed at:
https://csirt.polito.it/members_team
2.9 Other Information
CSIRT-PoliTO was estabilished the 1st of January 2026 as a service of the
Cybersecurity & IT for Research Division of Politecnico di Torino.
General information about CSIRT-PoliTO can be found at:
https://csirt.polito.it
2.10 Points of Customer Contact
CSIRT-PoliTO can be contacted:
- via e-mail at: csirt@polito.it
- by telephone (Mon-Fri, 8.00-17:00)
3. Charter
3.1 Mission Statement
The purposes of CSIRT-PoliTO are:
- to assist the users of the Politecnico di Torino implementing proactive
measures to reduce the risk of computer security incidents;
- to assist the users of the Politecnico di Torino network in responding to
such incidents when they occur;
- to support the reporting of incidents;
- to serve as a single point of contact for the constituency and for the
external stakeholders.
3.2 Constituency
The CSIRT-PoliTO constituency is the community of the users of the
Politecnico di Torino, member of the Italian Academic and Research Network.
3.3 Sponsorship
CSIRT-PoliTO is an operative service of the Politecnico di Torino.
3.4 Authority
CSIRT-PoliTO operates under the auspices of the Politecnico di Torino
members and the supervision of the Politecnico di Torino management.
The Computer Security Incident Response Team (CSIRT), is established and
managed under the direction of the Chief Information Security Officer
(CISO).
The CSIRT is expected to follow the Incident Response Plan and is authorized
to take appropriate action necessary to contain, investigate and remediate a
security incident. In case of missing support from the local IT
administrators and users, it has authority to filter involved node(s) on
the Politecnico di Torino border routers and/or firewalls, obtain from the
IT Department of Politecnico di Torino the down of the router port(s)
involved and execute the shutdown of the equipment(s). In case of incidents
that may have criminal consequences, can cooperate with Politecnico di
Torino Lawers and management to engage and co-operate with Law Enforcement
Agencies. CSIRT-PoliTO coordinate Incident Management and make all the
necessary notification to National Cybersecurity Agency (ACN), Law
Enforcement Agencies and, in accordance with DPO, to the national Data
Protection Authority (Garante della Privacy).
4. Policies
4.1 Types of Incidents and Level of Support
CSIRT-PoliTO is authorized to address all types of computer security
incidents that occur at nodes connected to the Politecnico di Torino
network and to all the external and cloud services and nodes that can be
attributable to Politecnico di Torino. The level of support given by
CSIRT-PoliTO will vary according to the severity of the incident and the
CSIRT-PoliTO's resources at the time.
Every effort will be done to give some response within one working day.
Direct support can be given to end-users, also if they are expected to
contact their system administrators. CSIRT-PoliTO expects that the local
system administrators of the sites and departements involved in security
incidents will cooperate in the resolution of the problem. The incident
handling procedure, which, in extreme cases, will lead to filtering the
compromised node(s) on the Politecnico di Torino network border
routers/firewalls can be found at:
https://csirt.polito.it/incident_management
CSIRT-PoliTO is committed to keeping its constituency informed of potential
vulnerabilities, possibly before they are actively exploited.
4.2 Co-operation, Interaction and Disclosure of Information
CSIRT-PoliTO, unless explicitly authorized, will not divulge the identity
of nodes victims of computer security incidents.
CSIRT-PoliTO cooperate with all the Information Sharing Analisys Centre
(ISAC) of wich is part.
4.3 Communication and Authentication
Telephone and unencrypted e-mail can be considered sufficiently secure for
the transmission of low-sensitivity data.
If it is necessary to send high sensitivity data by e-mail, PGP will be
used.
Network file transfers will be considered similar to e-mail for these
purposes.
5. Services
5.1 Incident Response
CSIRT-PoliTO will help system administrators of nodes connected to the
Politecnico di Torino network in handling computer security incidents.
In particular:
- investigating the nature and extent of the incident;
- trying to determine the initial cause (e.g. vulnerability exploited);
- keeping contacts with other sites involved;
- reporting to other CSIRTs and ISACs;
- helping in removing the vulnerability.
To make use of CSIRT-PoliTO's incident response services, please use the
methods listed in Section 2.10.
5.2 Proactive Activities
CSIRT-PoliTO coordinates and maintains the following services to the extent
possible depending on its resources:
- mailing lists;
- auditing services;
- dissemination of information about vulnerabilities and recommended
security measures;
- testing and developing security tools.
6. Incident Reporting Forms
Due high risk livel, no unauthenticated incident reporting form is provided.
Use the methods listed in 2.10 to report a security incidents.
7. Disclaimers
While every precaution will be taken in the preparation of information,
notification and alerts, CSIRT-PoliTO assumes no responsibility for errors or
omissions, or for damages resulting fron the use of the information contained
within.
----END PGP SIGNED MESSAGE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iHUEABYKAB0WIQRCaFT/37A8WQobILqEYRmLVFiYBwUCaUlO7wAKCRCEYRmLVFiY
B1UgAQDYYNMtrjZRQCpXarKHdyzxyKzte98F5Hz+MEHAa49C+QEAm1wYBQciVeUm
lzNrnJFFD4ilL+LoVpDPXlr33UnWng8=
=LuL2
-----END PGP SIGNATURE-----
