The Australian Computer Emergency Response Team (AusCERT), is Australia's foremost Computer Security Incident Response Team (CSIRT). AusCERT provides a coordination role for handling computer security incidents between relevant parties and is recognised throughout the world for its computer security expertise and its strong focus in the Asia-Pacific region.

AusCERT, which began operations in 1992, operates within The University of Queensland, Australia, and is funded primarily through membership fees, with some additional income from value added services such as research, training and education. Members include industry bodies, business enterprises, universities and government agencies from Australia and New Zealand. As a full member of the Forum of Incident Response and Security Teams (FIRST), an international organisation of some 100 CSIRTs worldwide, AusCERT has helped set up national and regional CSIRTs in a number of countries in the Asia-Pacific region and continues to retain close ties with them.

AusCERT's main functions include:

• incident handling;
• monitoring and reporting on computer network threats and vulnerabilities through our alerts (computer threats) and advisories (computer vulnerabilities) and producing various reports and articles on computer security;
• providing training and education in computer security and incident handling and response; and
• providing consultancy services to assist organisations establish their own CSIRT or incident response teams.

A valuable part of AusCERT's incident handling service is the automated pattern matching service which provides a mechanism to match related computer network attack activity across separate networks. This service may assist in distinguishing between multiple minor unrelated attacks and a more serious coordinated attacks affecting multiple sites.

Publications
AusCERT publishes advisories, alerts, newsletter articles, computer security checklists and FAQ documents. These documents provide information about software and network vulnerabilities, defence and mitigation strategies and early warning of likely attacks. AusCERT also produces articles which summarise developments and trends in Internet security.

Training and Education
AusCERT develops and presents various training and educational programs describing industry best practice in incident handling and other aspects of computer security management. Target audiences include security professionals, decision-makers and professionals in other fields. This program is in the form of tutorials and lectures at conferences, scheduled training courses and other special industry events. AusCERT also assists in the establishment of other CSIRTs nationally and throughout the world.

Research and Analysis
As the national CSIRT for Australia, AusCERT collects from its members and the public, reports of computer security incidents which we use to assist with incident handling and to identify trends and assess the impact and nature of computer network attacks within Australia and New Zealand.

AusCERT investigates and researches a range of issues that affect Internet security for government and industry. The results of these studies are used to inform computer security practitioners of 'best practice' initiatives. At a technical level, AusCERT provides analysis of software vulnerabilities within operating systems, applications and network software and also analyses computer network attack tools for the purpose of discovering how they work. This information is used to support vendors in developing solutions to technical problems and assist members to defend themselves from attack.