The National CERT was established in accordance with the Information Security Act of the Republic of Croatia, and according to this Act its task is the protection the of information security of public information systems in the Republic of Croatia.
According to the rules of procedure of the National CERT, this department deals with incidents when one of the parties in an incident, victim or attacker, is located in the Republic of Croatia (or in a .hr domain or Croatian IP addressing space).
The National CERT carries out proactive and reactive measures within its activities. With proactive measures it acts before the incident and other events that can endanger the security of public information systems occur in order to prevent or mitigate possible damages.
Proactive measures carried out by the National CERT are the following:
- monitoring of computer security and publishing news concerning security on the Internet
- publishing computer security recommendations
- publishing technical documents and brochures concerning security on the Internet
- vulnerability scanning of public information systems
- publishing of information on correct security tools
- education of target groups from the field of Internet security.
With its reactive measures, the National CERT reacts to incidents in the Republic of Croatia that have occurred in public information systems, by analysing and mediating in their solution. In doing so, it uses the software developed within the National CERT, which serves for early warnings.
Users of the National CERT are all users of the Internet in the Republic of Croatia and providers of hosting services and Internet service providers (ISP).
In 2012, the development of the proactive components "honeynet" and "spamtrap" is planned and their integration in the early warning system that would then represent a complete unit, with a reactive and a proactive part.