Warps Explained
A WARP is a community-based service where members can receive and share up-to-date advice on security threats, incidents and solutions. This community is supported by a WARP operator.
A WARP can offer one or more of three services:
Filtered Warnings.
A WARP delivers filtered warnings to its members so that they may maintain their system security. The warnings are filtered so that members will only receive warnings relevant to their own systems: a Linux-only user will not receive warnings about Microsoft vulnerabilities. The purpose is to ensure that members receive pertinent information in a timely and relevant manner without needing to go looking for the information, nor being inundated with irrelevant information.
Advice Brokering.
The advice brokering element of a WARP is a mechanism by which members may seek and/or give advice to their colleagues. It is, in effect, a closed, secure and anonymous meeting place; a forum where Members can discuss problems, and the operators, knowing their members' needs and knowledge/skills, can provide an information brokering service.
Trusted Sharing.
A WARP provides a trusted reporting point mechanism for sharing security incidents and other sensitive information without fear that the information will be used against them. Pooling and sharing this information with other members of the WARP, and possibly other WARPs as well, will lead to more robust and secure systems.
Why are WARPs needed?
- There is a huge daily volume of security information generated to help protect organisations. Keeping on top of this information is time consuming and often a luxury some cannot afford.
- Community members often lack the opportunity to share best practice and advice despite common needs.
- Lack of trust inhibits the sharing of sensitive information about problems with attacks on their IT systems.
- Solutions to some of these problems exist but can be costly.