CERT CEA ACTIVITIES
CERT-CEA's scope of action covers all the company's information systems. Its key activities include:
- Detecting incidents or receiving incident reports
- Analysing, diagnosing, correlating, and prioritizing incidents
- Escalating incidents to the appropriate teams
- Assisting in resolution and verifying remediation measures
- Coordinating with other organizations
CONTACT
Cybersecurity incidents must be reported by mail to : cert@cea.fr
Confidential information can be encrypted using our PGP key 0xD1DF1C6C with the fingerprint 30BC9DD6816F3804C10DC82B4BEDCC8BD1DF1C6C, available here. Download Public Key
A phone number is available during regular French business days and hours: +33 6 85 82 64 32.
For any other contact, you can write to us at the following address:
CERT-CEA
DSSN/S3I - bat 19
18 route du Panorama, B. P. 6
92265 Fontenay-aux-Roses cedex
France
RFC 2350
RFC 2350 is a standardized document describing the services provided by a CERT, its roles, responsibilities, and communication methods.
For more information, please read our RFC2350 (French version).
The PGP signature of the document is also available here :
VULNERABILITY REPORTING
CEA thanks and acknowledges security experts who identify vulnerabilities affecting our systems. However, it does not offer a reward program for these discoveries when they are made outside of a previously established contractual framework.
R&D
Beyond the operational activities of CERT, cybersecurity is also present at CEA within its research teams, which develop innovative solutions for digital security. To learn more about this field of research, check out our cybersecurity report https://www.cea.fr/Pages/domaines-recherche/defense-securite/cybersecurite-le-numerique-en-jeu.aspx