CSIRT VIRTUO GROUP SP. Z O.O.
RFC 2350 – Incident Response Team Information
1. Document Information
1.1 Purpose of the Document
This document constitutes the official description of the activities of CSIRT VIRTUO GROUP SP. Z O.O., prepared in accordance with the guidelines of RFC 2350.
Its purpose is to provide essential information about the Computer Security Incident Response Team (CSIRT), including contact details, scope of responsibility, cooperation principles, and services provided.
1.2 Scope
This document is intended for:
- clients and business partners,
- public and private entities,
- CSIRT teams,
- auditors and regulatory bodies.
1.3 Definitions and Acronyms
- CSIRT – Computer Security Incident Response Team
- SOC – Security Operations Center
- CISSP – Certified Information Systems Security Professional
- CRISC – Certified in Risk and Information Systems Control
- CEH – Certified Ethical Hacker
- CISA – Certified Information Systems Auditor
- CISM – Certified Information Security Manager
- VPN – Virtual Private Network
1.4 Date of Last Update
- Version: 1.2
- Publication date: 07 January 2024
1.5 Distribution of Change Notifications
VIRTUO GROUP SP. Z O.O. does not currently maintain public distribution lists for notifying stakeholders of changes to this document.
The current version of the document is published on the company’s website.
2. Contact Information
2.1 Team Name
VIRTUO SOC (CSIRT VIRTUO GROUP SP. Z O.O.)
2.2 Responsible Entity
VIRTUO GROUP SP. Z O.O.
ul. Tytusa Chałubińskiego 9/2
02-004 Warsaw
Poland
2.3 Time Zone
- CET (UTC+1)
- CEST (UTC+2)
2.4 Telephone Number
+48 880 274 550
2.5 Fax Number
Not applicable.
2.6 Other Communication Channels
No publicly available alternative telecommunication channels are provided.
2.7 Email Addresses
- Incident reporting and operational matters:
csirt@virtuosoc.com - Business and commercial inquiries:
info@virtuosoc.com
2.8 Encryption and Communication Security
To ensure confidentiality, integrity, and security of information, VIRTUO GROUP SP. Z O.O. applies the following communication protection mechanisms:
- Microsoft 365 Message Encryption – default method for securing email correspondence, enabling secure information exchange with external entities,
- Dedicated incident handling portal – used for the transfer of sensitive information, evidence, and technical data, protected by multi-factor authentication (MFA),
- S/MIME (X.509) – available upon request of a client or partner.
All transmitted and stored data is encrypted both in transit and at rest.
2.9 Team Members
VIRTUO SOC cooperates with experienced cybersecurity professionals and partners possessing extensive industry experience and certifications, including but not limited to: ISO/IEC 27001, CISSP, CISM, CISA, CRISC, CEH.
The team composition and availability of competencies may change depending on the scope of services provided and the nature of ongoing projects.
The team operates in a remote model using secure VPN connections.
2.10 Working Hours and Client Contact
The preferred form of contact with CSIRT VIRTUO is email communication.
Business and administrative hours:
- Monday – Friday: 09:00 – 17:00 (excluding public holidays)
SOC / CSIRT operations:
VIRTUO SOC provides security monitoring and incident response services on a 24/7/365 basis, in accordance with the scope and service levels defined in agreements concluded with clients.
Detailed availability parameters, response times (SLA), and escalation channels are defined individually in contractual documentation.
3. Authority and Responsibility
3.1 Mission
The mission of VIRTUO GROUP SP. Z O.O. is to support clients in preventing, identifying, and minimizing the impact of cybersecurity threats by delivering modern, tailored technological solutions and incident response services.
3.2 Nature of Activities
VIRTUO GROUP SP. Z O.O. is a private, self-financed entity providing IT services, cybersecurity services, consulting, and systems maintenance.
3.3 Authorization
VIRTUO SOC operates under the authorization of the Management Board of VIRTUO GROUP SP. Z O.O. and based on agreements concluded with clients.
The team is authorized to handle and coordinate security incidents on behalf of clients, in accordance with applicable contractual arrangements.
4. Policies
4.1 Incident Classification
Security incidents are classified in accordance with established procedures and contractual provisions.
The default incident priority level is normal, unless otherwise specified in the agreement.
4.2 Confidentiality and Information Disclosure
All information related to incident handling is treated as confidential and protected under applicable laws, contractual obligations, and non-disclosure agreements.
4.3 Communication and Authentication
Data processed by VIRTUO GROUP SP. Z O.O. is secured in accordance with applicable legal regulations and internal security policies.
The Microsoft Azure and Microsoft 365 platforms used by the organization comply with the ISO/IEC 27001 standard.
5. Services
5.1 Incident Response
VIRTUO SOC supports organizations throughout the full incident response lifecycle, including:
- preparation and planning,
- detection and analysis of events,
- containment of incident impact,
- eradication and system recovery,
- post-incident analysis and recommendations.
5.2 Proactive Activities
VIRTUO SOC carries out proactive activities as part of the provided SOC-as-a-Service, including in particular:
- continuous improvement of detection and incident response processes within its own Security Operations Center,
- increasing client security awareness through recommendations, consultations, and ongoing threat-related communication,
- participation in exercises, tests, and initiatives within the CSIRT community aimed at enhancing operational readiness and knowledge exchange,
- proactive threat monitoring, security trend analysis, and continuous updates of detection rules and response procedures.
6. Disclaimer
VIRTUO GROUP SP. Z O.O. makes every effort to ensure that the information contained in this document is accurate and up to date; however, it assumes no responsibility for any errors, omissions, or consequences resulting from the use of this information.
Document prepared in accordance with RFC 2350.
