1. DOCUMENT INFORMATION 1.1. ABOUT THIS DOCUMENT This document contains a description of Security Operations Center ELT-Group SpA (hereinafter referred as to SOC-ELT) in according to RFC 2350. It defines the basic information related to SOC-ELT, including a brief explanation of the tasks and services offered and contacts to get in touch with us. 1.2. DATE OF LAST UPDATE Version 1.0, updated on 09/06/2025. 1.3. LOCATIONS WHERE THIS DOCUMENT MAY BE FOUND The current and latest version of this document is available on ELT Group website. Its URL is https://www.eltgroup.net/company/security-operation-center 1.4. AUTHENTICATING THIS DOCUMENT This document has been signed with the PGP key of SOC-ELT. The public PGP key is available in SOC-ELT website. 1.5. DOCUMENT IDENTIFICATION Title: SOC-ELT - RFC 2350 Version: 1.0. Document Date: 09/06/2025 Expiration: this document is valid until it is replaced by a later version 2. CONTACT INFORMATION 2.1. NAME OF THE TEAM Full Name: Security Operations Center ELT-Group SpA Short Name: SOC-ELT 2.2. ADDRESS Postal Address: SOC-ELT Via Tiburtina Valeria, 13700, 00131 Rome, Italy. 2.3. TIME ZONE Central European (GMT+0100 and GMT+0200 from the last Sunday of March to the last Sunday of October). 2.4. TELEPHONE NUMBER N/A. 2.5. ELECTRONIC MAIL ADDRESS To communicate with SOC-ELT is possible to send an email to soc@elt.it. All members of SOC-ELT team can read messages sent to this address. 2.6. PUBLIC KEYS AND OTHER ENCRYPTION INFORMATION In order to guarantee the security of communications the PGP technology is supported. SOC-ELT public PGP key for soc@elt.it is available on the public PGP key servers and on SOC-ELT website. Public Key of SOC-ELT: - USER-ID: SOC-ELT - KEY-ID: 0xF6D951D4 - Fingerprint: 49148284F0065D6D0A2C1B0E24058F7DF6D951D4 Third parties to establish a security communication with SOC-ELT shall use PGP public key. 2.7. TEAM MEMBERS The SOC-ELT team leader is Giampiero Fabrizi. The team is made up of cyber security experts. 3. OTHER INFORMATION General information about SOC-ELT can be found on SOC-ELT website: https://www.eltgroup.net/company/security-operation-center 3.1. POINTS OF COSTUMER CONTACT The preferred method to contact SOC-ELT is by email: soc@elt.it. The mailbox is checked 24h/7days. The use of PGP is required to send confidential or sensitive information. If is not possible to contact SOC-ELT via e-mail for security reasons, the contact may take place via telephone. 3.2. CHARTER 3.2.1. MISSION STATEMENT The SOC-ELT mission is to support and protect its constituency from potentially critical cyber threats having concrete possibility to compromise company operational capability or to pose a serious threat to information security. SOC-ELT will operate according to the following key values: • Highest standards of ethical integrity • Improve cyber-security awareness and culture • High degree of service orientation and operational readiness • Effective responsiveness in case of incidents and emergencies and maximum commitment to resolve the issues • Facilitating the exchange of good practices between constituents and with peers 3.2.2. CONSTITUENCY The establishment of the SOC-ELT was mandated via corporate directive. 3.2.3. SPONSORSHIP AND/OR AFFILIATION SOC-ELT maintains contacts with various national and international CERT/CSIRT teams, such as National Cybersecurity Agency, according to its needs and the information exchange culture that it values. 3.2.4. AUTHORITY The establishment of the SOC-ELT was mandated via corporate directive. 3.3. POLICIES 3.3.1. TYPE OF INCIDENT AND LEVEL OF SUPPORT SOC-ELT manage and address information security incidents, which occur or threaten to occur in its constituency. The level of support given by SOC-ELT will vary depending on the severity of the information security incident, the related assets impacted and the CERT's resources at the time. 3.3.2. CO-OPERATION, INTERACTION AND DISCLOSURE OF INFORMATION SOC-ELT highly considers the importance of operational coordination and information sharing among CERTs, CSIRTs, SOCs and similar bodies, and also with other organizations, which may aid to deliver its services or which provide benefits to SOC-ELT. SOC-ELT recognizes and supports the ISTLP (Information Sharing Traffic Light Protocol). 3.3.3. COMMUNICATION AND AUTHENTICATION SOC-ELT protects sensitive information in accordance with relevant local regulations and policies. Communication security (which includes both encryption and authentication) is achieved using primarily PGP or any other agreed means, depending on the sensitivity level and context. 4. SERVICE 4.1. INCIDENT MANAGEMENT SOC-ELT performs incident handling, response on-site, support and coordination for its constituency through its internal structure. The incident management services as developed by SOC-ELT covers all “5 steps”: - Preparedness and prevention; - Detection - Analysis - Response - Recovery 4.2. THREAT INTELLIGENCE The SOC-ELT performs the threat intelligence services in order to improve prevention, detection, identification and information security incidents response capabilities and strength the ELT Group cyber security posture. 5. INCIDENT REPORTING FORM SOC-ELT does not provide any incident reporting form in a public web page. For SOC-ELT’s constituency, the incident reporting must follow the internal procedures. 6. DISCLAIMERS While every precaution will be taken in the preparation of information, notification and alerts; ELT Group assumes no responsibility for errors or omissions or for damages resulting fron the use of the information contained within.