Security Services

Besides the recommendations and training courses, the Security Team also provides security consulting and tools for users interested in improving the security of their systems and services. In addition, the Security Team permanently monitors the CERN networks and computers for vulnerabilities, attacks and intrusions.

This page lists the different protection and detection measures applied in the CERN environment. These all comply with our Privacy Statement.

Audits & Reviews

Understanding the security risks and weaknesses of an application, device, system or service is crucial for ensuring and validating that necessary security controls are integrated into their design and implementation. Therefore, the Security Team offers risk assessments, code reviews and security audit on demand.

Host-Based Intrusion Detection

Host-based intrusion detection monitor the activity on a particular device and try to detect deviations from a "normal" usage pattern. The Security Team, in collaboration with the CERN/IT computer centre groups, has deployed a series of means to automatically detect such anomalies.

Traffic Control & Monitoring

Network-based intrusion detection is complementary to host-based detection. Together with the CERN/IT networking group, the Security Team monitors the traffic flow, pattern and contents into and out of CERN networks.

Vulnerabilty Scans

"Vulnerability scanning" aims at the early detection of weaknesses in applications, configurations, and Web sites. The Security Team is permanently running a series of vulnerability scanners. If you need a one-off scan, please contact