106 by developers against software they develop. In addition, there were 3 issues
published to serve as technical alerts, based on publicly available information. In June 2010, JPCERTCC became a CVE Numbering Authority CNA. Since
then, JPCERTCC has been releasing Japan Vulnerability Notes JVN and JVN iPedia entries that contain reserved CVE Identifier numbers.
• JPCERTCC Weekly Report
JPCERTCC publishes weekly reports on selected security information of the preceding week, including a useful tip which is relevant to current issues.
• JPCERTCC on Twitter
https:twitter.comjpcert Japanese https:twitter.comjpcert_en English
Since January 2009, JPCERTCC has been providing information security related alerts via Twitter.
• JPCERTCC Official Blog
http:blog.jpcert.or.jp English Since September 2010, JPCERTCC has been providing security news related
to Japan as well as activities happening at JPCERTCC on its English blog. In 2014, 18 articles were published.
Quarterly Activity Reports
https:www.jpcert.or.jpreport Japanese https:www.jpcert.or.jpenglishdocreports.html English
JPCERTCC publishes quarterly activity reports and studyresearch reports. Since August 2014, its English versions are also available.
2.4. Industrial Control System Security
Since 2008, JPCERTCC has been working on awareness-raising of the industrial control system ICS security in Japan. In January 2013, we extended our services
on incident handling to ICS area. We have provided presentations at some seminars and support in cyber incident exercise to engineers of Japanese asset
owners. We have also released an ICS security assessment tool “J-CLICS”, developed in collaboration with some experts from ICS vendors and asset owners.
107
2.5. Analysis Center
JPCERTCC has a research team to conduct technical examination and artifact analysis, including not only viruses and bots but also tools which can potentially be
used with malicious intent. As the findings through the analysis are crucial in the course of incident handling, our Analysis Center is committed to enhance the
analysis environment and its capability.
2.6. Education Public Awareness
• Secure Coding JPCERTCC provides secure coding seminars on CC++, Java and Android.
• HTML 5 Security Report
In 2014, JPCERTCC compiled a report entitled Investigation Report Regarding Security Issues of Web Applications Using HTML5 to provide
organized material which could serve as a basis for technical documentation and guideline for secure web application development using HTML5.
https:www.jpcert.or.jpenglishpubsrhtml5.html •
Open DNS Resolver Check Site http:www.openresolver.jp Japanese
http:www.openresolver.jpen English JPCERTCC released the “Open DNS Resolver Check Site” on 31
October, 2013. This web-based tool allows visitors to check whether the DNS server
configured on their PC andor network device connecting to the site is running as an open DNS resolver or not.
2.7. TSUBAME Internet Threat Monitoring Data Sharing Project
The TSUBAME project is designed to collect, share and analyze Internet traffic data, in order to better understand the Internet threats in the Asia Pacific region.
It deploys sensors widely in the region, collecting and sharing the data with all participating teams. The TSUBAME project aims to establish a common platform
to promote collaboration among CSIRTs in the Asia Pacific region. TSUBAME Working Group is active in APCERT and observation results are exchanged among
the teams.
108
2.8. Associations, Projects and Communities