| CARVIEW |
Select Language
HTTP/2 200
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-encoding: gzip
content-security-policy: default-src 'none'; style-src 'self' 'unsafe-inline' https:; img-src 'self' https: data:; font-src 'self'; script-src 'nonce-z-HpyzBUHgtMQLrbSvrOjQ' 'strict-dynamic' 'self' 'unsafe-eval'; form-action 'self'; media-src 'self' *.first.org; connect-src 'self' *.first.org; object-src 'none'; frame-src https:; frame-ancestors 'self'; base-uri 'self'
last-modified: Tue, 07 Oct 2025 16:46:24 GMT
referrer-policy: same-origin
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
accept-ranges: bytes
date: Wed, 08 Oct 2025 15:10:23 GMT
via: 1.1 varnish
x-served-by: cache-bom-vanm7210098-BOM
x-cache: MISS
x-cache-hits: 0
x-timer: S1759936222.427018,VS0,VE973
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8189
SBB CERT
- About FIRST
- Mission Statement
- Strategy Framework
- History
- Sustainable Development Goals
- Organization
- FIRST Policies
- Anti-Corruption Policy
- Antitrust Policy
- Bylaws
- Board duties
- Bug Bounty Program
- Code of Conduct
- Conflict of Interest Policy
- Document Record Retention and Destruction Policy
- FIRST Press Policy
- General Event Registration Refund Policy
- Guidelines for Site Selection for all FIRST events
- Identity & Logo Usage
- Mailing List Policy
- Media Policy
- Privacy Policy
- Registration Terms & Conditions
- Services Terms of Use
- Standards Policy
- Statement on Diversity & Inclusion
- Translation Policy
- Travel Policy
- Uniform IPR Policy
- Whistleblower Protection Policy
- Partnerships
- Newsroom
- Procurement
- Jobs
- Contact
- Membership
- Initiatives
- Special Interest Groups (SIGs)
- SIGs Framework
- Academic Security SIG
- AI Security SIG
- Automation SIG
- Cybersecurity Communications SIG
- Common Vulnerability Scoring System (CVSS-SIG)
- CSIRT Framework Development SIG
- Cyber Insurance SIG
- Cyber Threat Intelligence SIG
- Curriculum
- Introduction
- Introduction to CTI as a General topic
- Methods and Methodology
- Priority Intelligence Requirement (PIR)
- Source Evaluation and Information Reliability
- Machine and Human Analysis Techniques (and Intelligence Cycle)
- Threat Modelling
- Training
- Standards
- Glossary
- Communicating Uncertainties in CTI Reporting
- Webinars and Online Training
- Building a CTI program and team
- Curriculum
- Detection Engineering & Threat Hunting SIG
- Digital Safety SIG
- DNS Abuse SIG
- Stakeholder Advice
- Detection
- Cache Poisoning
- Creation of Malicious Subdomains Under Dynamic DNS Providers
- DGA Domains
- DNS As a Vector for DoS
- DNS Beacons - C2 Communication
- DNS Rebinding
- DNS Server Compromise
- DNS Tunneling
- DoS Against the DNS
- Domain Name Compromise
- Dynamic DNS (as obfuscation technique)
- Fast Flux (as obfuscation technique)
- Infiltration and exfiltration via the DNS
- Lame Delegations
- Local Resolver Hijacking
- Malicious registration of (effective) second level domains
- On-path DNS Attack
- Stub Resolver Hijacking
- Detection
- Code of Conduct & Other Policies
- Examples of DNS Abuse
- Stakeholder Advice
- Ethics SIG
- Exploit Prediction Scoring System (EPSS)
- FIRST Multi-Stakeholder Ransomware SIG
- Human Factors in Security SIG
- Industrial Control Systems SIG (ICS-SIG)
- Information Exchange Policy SIG (IEP-SIG)
- Information Sharing SIG
- Law Enforcement SIG
- Malware Analysis SIG
- Metrics SIG
- NETSEC SIG
- Public Policy SIG
- PSIRT SIG
- Red Team SIG
- Security Lounge SIG
- Security Operations Center SIG
- Threat Intel Coalition SIG
- Traffic Light Protocol (TLP-SIG)
- Transportation and Mobility SIG
- Vulnerability Coordination
- Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)
- Women of FIRST
- CCB Initiatives
- FIRST CORE
- Internet Governance
- IR Database
- Fellowship Program
- Mentorship Program
- IR Hall of Fame
- Victim Notification
- Volunteers at FIRST
- Previous Activities
- Special Interest Groups (SIGs)
- Standards & Publications
- Events
- Education
- Blog
SBB CERT
| Team Information | |
|---|---|
| Team name | SBB CERT |
| Official team name | Swiss Federal Railways CERT |
| Member since | December 21, 2022 |
| Host organization | Swiss Federal Railways (Schweizerische Bundesbahnen, SBB) |
| Country of team | Switzerland CH |
| Date of establishment | 2021-11-01 |
| Website | https://www.sbb.ch |
| Business Hours | |
|---|---|
| Timezone | CET |
| Description of business hours | 0800-1700 |
| How to contact outside business hours | We have an internal 24/7 on-call organisation. |
| Constituency | |
|---|---|
| Type of Constituency | Government, Private and Public sectors |
| Source of Constituency | Internal to host |
| Description of Constituency | SBB is part of Switzerland's critical infrastructure, and therefore SBB CERT serves Switzerland, its customers, its more than 30,000 employees and the railroad industry. |
| Internet Domain Address | sbb.ch swisspass.ch sbbcargo.com |
| Country of Constituency | Switzerland CH |
| Cryptography | |
|---|---|
| Team PGP public key | -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: OpenPGP totemomail
Comment: totemomail OpenPGP - https://www.totemo.com
mQENBGM61BABCADqWwcvLDrj1IXw3Vl9hZYH3yiEV9zL7vq7186wnLubY9kAbIRu
w/cAVxz/dH1h1/lfbUltCsfkOemLnXNwExhZ48qTu0JQ8R6wQtQqAAR4OIYEgJeJ
wzeT6HE3Wfjrlqw0nT5lldQAPCtFh7DJQDq05Emk91Bfw1GYTcR1OyZu2IUpc8xG
NOwAQp13iVAyll3EvjEUDycjIk8F9oEKmsndsgXq+r3HHSzUAtkF8sLoHdGhfpA7
QlPBACrwsCIdulYTPITmEHhNclgzET31vZFF02vkOHqAcQFdmuL8kY6j2Q6QJeI7
gRAKgdCyuQYuIytCkXUWZek9gNhgL6FKOTlRABEBAAG0FlNCQi1DRVJUIDxjZXJ0
QHNiYi5jaD6JAhwEEwEIAAYFAmM61BAACgkQ4Te8+SbVeSebKg/9HJ3p9rmgmG1l
og/S0CnJK7H9lrEVsX9igVoEeMgjzHHIxhwAXg3B7Z6a2qDdxhBuMpX6aIy01qNM
RylkFjcSiOLPyWg5n4qJ+131mt/3Mdu3gvONBPsw5yN4oq/UJk6VLror9gmxjvL4
Yo5abIn3KvdCXQS0nNmXLeKi82yYljebOnbKC1TBnNlCiAdWWph9HoL6Kj7Xzb6/
vlrppuj2E/OYz6nxXzMtT93mXRjnxlyovuLw0+3WsGhvXsU4bCrMqMuIvpDFWawT
8H3GRURF6jUaOFogVRMrjVLmzV4pJH5EY6CLIzruVeVDMvdnLsiPp5ZMAEfziydg
gghzCglmM4ogYSpmuqzrvyeZgbRbw4r9NmXim7gY0EE0+tJInQQKH4cZDHSpRt/6
5JUOcEVIQFvTbXGPBS/N4YUUwx09oMJG2bJXFR5/jBOKFF1Nw8C+mg7Og1AzEqQB
TY7VLUjljsDgbk09hVQLwnfMQmmgO2D3lKQPbIKydMSVeaaudl9Fp8/Heh6dXZN9
7cl5x2NqkYYtZzH+7eCTRE/qeC0WX9fH9DF2QkNGb0La5ylLfPXAHEZXTt2xk+Uv
3kNuHhGEq6CsPzTrCxvhBc284LAbjH/bVL9zhYbDupyTe+ofuClTPE4UjupPxqvX
93QziaXfotl46qlS1nyY6PWQburVefuJATYEEwEIACAFAmM61BAGCwkIBwMCBBUI
CQoEFgIDAQIbDwUJA8JnAAAKCRAJqdSQ93quvrjQCAC+8tzrLcsEbwoilDvmC1WT
yrl5aXTSVabwnHvBe53xouDxm9+YjLuBXUIqGflgn/0PiTahuNUjx58YInAEZGVy
Nn/yoGQN+M4fDjTtR8d6Entr45Mn5jAWxuwmgOWLZCQiDsXBVV5DfDTBhXdOFNeB
EgXGgtdC2sNymP9dWkCeCBaGyxoe/spP/DcdJWiHI9OgDSctpE8ZlfiRw9Q3ZO4I
4TID2RJQNfkgFJUcB7Gy70qTp2xY/f2xjpbSt3M3+QCMOjA31c7hFmLoaUCvW+vS
eQrx0nqvQyCA52pMUW1IcawAe9TEYkiTyHfCkkmHJzgIIxL3cxtzZsCtZNUy55/P
=B88X
-----END PGP PUBLIC KEY BLOCK----- |
Team contact information provided for Incident Response purposes only. FIRST strictly prohibits the use of contact information for solicitation or marketing.
FIRST follows the ISO 3166-1 standard for country code and name listings.