FYI: NCCIC Cobalt Compartment

Background Information: The National Cyber-security and Communication Integration Center (NCCIC) is announcing the start of a new information sharing initiative called the Cobalt Compartment.

Additional Information: The Cobalt Compartment of the US-CERT Portal provides secure access to actionable cyber security information to the global community of cyber security professionals. Through this compartment, the NCCIC will share threat indicators and advisory information with public, private, and international partners in the network defense community. The compartment will provide partners access to TLP GREEN information for use in risk management. Examples of the Cobalt content include but are not limited to:

· Malware Initial Findings Reports (MIFR) -Malware Initial Findings Reports provide organizations with malware analysis in a timely manner. In most instances this report will contain enough information to assist in understanding the basic functionality of the code, as well as provide initial indicators for network defense.

· Joint Indicator Bulletins (JIB) - Joint Indicator Bulletins provide incident analysis and timely information derived from new cyber incidents and/or malicious code, threat, and vulnerabilities to federal and state governments, Critical Infrastructure and Key Resources (CIKR), private industry, or a country CERT.

· Malware Analysis Reports (MAR) - Malware Analysis Reports provide detailed code analysis and insight into specific tactics, techniques, and procedures (TTPs) observed in the malware.

Specific Instructions: An individual or organization can request access to the Cobalt Compartment by contacting nccic_partnership@hq.dhs.gov and including your name, justification, and company or organization affiliation. Membership is restricted to entities that are:

· A U.S.- based critical infrastructure organization;

· Professionals working in a network defense or cybersecurity incident response role within a critical infrastructure organization;

· Members of international federal cyber incident response teams or non-governmental computer network defense organizations.