RCTS CERT Rating is the characterization in six categories (“A” to “F”) of how RCTS CERT externally analyzes the cybersecurity of RCTS entities’ infrastructures.
This Rating is not public, and is only communicated to the institution itself included in its Monthly Security Report.
RCTS CERT Rating is determined using a number of parameters including:
- The number of computer security incidents reported and the time (in days) which they remain unsolved;
- The number of vulnerabilities;
- The number of malware events (connections to botnets, etc);
- The number of copyright infringements reported;
- Detected defacements;
- Detections on RCTS datacenters’ intrusion detection systems;
- IP addresses listed on blocklists;
- The main DNS domain configuration used by the organisation (DNSSec and inhibiting zone transfer);
- Domain protection in terms of sending messages (SPF , DKIM and DMARC records);
- Main webserver configurations (Headers, Server Signature and SSL Certificate);
- The formalization of a local CSIRT (Computer Security Incident Response Team).
Parameters have a global weight between 5% and 15%. Values for each parameter are detailed in the monthly reports. More details about each parameter are in this document.
The ranges that define each category are as follows:
If you have any questions about your institution’s RCTS CERT Rating, please contact RCTS CERT (info@cert.rcts.pt).