The South African National Research Network

Computer Security Incident Response Team

1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

The SANReN CSIRT is a proactive, academic sector, coordinating CSIRT. We provide services and support to the beneficiaries and customers of the South African National Research and Education Network (NREN) for preventing and responding to IT security incidents.

Our constituency includes the South African public universities, science councils, research organisations and supporting institutions (AS 2018 (TENET) / domains).

Vulnerability Assessments

Our vulnerability assessments service encapsulates a process to identify, classify, report on and provide remediation advice for the security weaknesses of a constituent’s IT infrastructure. It entails a scan to uncover exploitable weaknesses in network devices, servers and systems. The results are manually verified and then compiled into an easy-to-read, actionable report.


Our announcements service aims to provide information that is useful to the constituency for mitigating the occurrence of information security incidents / malicious activity. Each “post” is categorised as either an alert, advisory or article. We use a combination of automated information gathering, manual verification or supplementation and third party sources to obtain and generate this information.


Our resources service offer a collection of cybersecurity incident response playbooks, with each playbook providing a set of pre-defined steps and procedures that outline how to response to a specific type of cybersecurity incident. The playbooks offer incident managers and stakeholders with a consistent approach to follow when remediating a cybersecurity incident.