TRANSITS I course is aimed at new or potential CSIRT personnel who wish to gain a  solid understanding of the main aspects of working in an incident handling and response team. It offers experience and expertise in Operational, Organisational, Legal and Technical areas which form knowledge basis for CSIRT personnel.

  • Organisational – covers how CSIRTs fit within their organisations and includes planning the team, defining its constituency, determining which services to offer, staffing, communicating with external parties, funding, and obtaining management authority.
  • Technical – covers how intruders attack systems and their motivations, how network protocols can be abused, vulnerabilities of operating systems and services, denial-of-service attacks, hiding traces, and information gathering techniques. Includes several practical exercises.
  • Operational – covers the incident handling process from initial reports, through triage, investigation, resolution, closure, to post-analysis. Includes practical exercises and a survey of useful tools.
  • Legal – covers areas of European legislation likely to affect CSIRTs in their work, and that operatives should be familiar with. This includes data protection, computer misuse, network monitoring, collection of evidence, and working with law enforcement agencies.

Other topics such as PGP keys and relevant RFCs are also covered during the course.

TRANSITS I offers participants a unique opportunity to mix with their peers and discuss security issues in a secured and trusted environment, whilst being tutored by seasoned experts of the European CSIRT community. Therefore TRANSITS I is an excellent opportunity for CSIRT personnel to acquire knowledge and build network. The course is open to individuals currently working for a CSIRT or network security related organisation, and those with bona-fide interest in establishing a CSIRT. Applications are also welcome from commercial, governmental, law enforcement and military organisations, as well as national research and education networks (NRENs) and research and education institutes.

Who Should Attend?

Typical participants are usually experienced IT professionals with the growing interest and professional need to become system or network security experts. Familiarity with Internet protocols, addresses and port numbers is assumed. The basic expectation is that all participants are aware of security issues involved in connecting computers to the Internet and are committed to using their skills to improve the security of computers and networks. Individuals from other backgrounds and with other interests are welcome to contact the organisers to discuss their suitability for the course.

Dates & Locations

There are usually two TRANSITS I courses per year, one in spring and one in autumn. The course lasts two and a half days and involves 20-30 participants. 

The next TRANSITS I will take place:

TRANSITS I licensed courses are also periodically organised by third parties.

Course Fees

The course fees for TRANSITS I are:

Organisation typetransits I
Non-commercial organisations€1,350**
Commercial organisations€1,700**

**These fees include accommodation for three nights, three lunches, one evening meal, coffee breaks, and course materials.