CiviCERT Membership Policy

LAST UPDATE | 28 APRIL 2026

CiviCERT is an international network of rapid responders, digital security help desks, and infrastructure providers focused on supporting individuals, groups, and organizations striving towards social justice and the defense of human and digital rights. It is a coordinating network for this work, accredited by Trusted Introducer, the European network of trusted computer emergency response teams (CERTs).

Given its independent status outside of existing organizations, CiviCERT is a neutral coordinating center for technical civil society organizations, and is open and participatory as any civil society group can apply to join.

Members are primarily not-for-profit civil society organizations, groups, and collectives – organizations do not have to be legally registered to be a member of CiviCERT. For-profit and individual membership is possible in exceptional cases.

Member services

Services for members include:

  1. The Digital First Aid Kit (DFAK) – a resource for rapid responders, as well as a tool for contacting CiviCERT organizations
  2. A private encrypted mailing list
  3. A Malware Information Sharing Platform (MISP) instance
  4. A dedicated Mattermost instance
  5. A dedicated Nextcloud instance
  6. In-person and online network gatherings
  7. Other infrastructure and services as needed

Member benefits

  • Members of CiviCERT have access to the above-mentioned services and resources.
  • Members if they wish will be listed in the civicert.org website.
  • If they wish too, members will be listed in the DFAK website and have access to the DFAK repository.
  • Members will be able to share cases without vetting and sharing sensitive information on threats, as well as manage CiviCERT membership and procedures.
  • Members will have access to internal resources and knowledge base.
  • Members will be invited to CiviCERT events.
  • Members will have access to training and professional development opportunities.

Procedure for joining

  • Adopt CiviCERT’s Code of Conduct
  • Adopt CiviCERT’s vetting policy
  • Adopt CiviCERT’s information management policy
  • When CiviCERT policies are adopted, candidates can apply by having three existing CiviCERT members from different organizations nominate them. This begins the one-month evaluation period for the nomination.
  • The member(s) from the network nominating a candidate need to provide the following background information about that organization/group/person:
    • How do you know this organization/group/person? proposed member should be proposed or explicitly supported by an existing CiviCERT org/group from that place (country/region).
    • Have you worked with them, on what? proposed member must have some past experience working with the CiviCERT member who is nominating them.
    • What would the added value of this organization/group/person for CiviCERT be?
    • What rapid response services do they provide?
  • While applying, potential CiviCERT members will be invited to join the Rapid Response Network (RaReNet) community – by joining RaReNet, they will be subscribed to the RaReNet mailing list and will be invited to public RaReNet events.
  • During the one-month evaluation window of a proposed member, a video call will be organized with the incoming member, the existing member that proposed them, and inviting anyone else from the network who is interested. the purpose is to help the proposed member get a better sense of the network (and the network of the member), answer any questions, etc.
  • If there are no objections by existing CiviCERT members, after one month the nomination will be accepted.
  • Once the application has been accepted, the new member will agree with the vetting and information management policy and provide the necessary information for civicert.org website and, if relevant, the Digital First Aid Kit.

Requirements for members:

  • Member organizations will ideally have at least two contacts within CiviCERT, in case one contact is unresponsive.
  • Members who want to be included in the DFAK website will fill in a form with all the required information, including a list of provided services.
  • Members will contribute to the maintenance and management of CiviCERT (infrastructure, accreditation, etc.).
  • Members must share with the network any potential conflicts of interest, such as working for a for-profit threat intel company while being part of CiviCERT.
  • No members of CiviCERT may use CiviCERT’s name, image, or other aspect of the network’s identity to create a false or misleading impression that they are official representatives of CiviCERT. If any member wishes to utilize the CiviCERT identity (or a separate identity that is similar enough to cause confusion), that member should first discuss within the network the use-case or provide qualifying language on their site to prominently and unambiguously state that they are not the official CiviCERT.
  • Membership is renewed every year via a survey. The survey has two purposes:
    • Confirming your interest and capacity in continuing to be a member
    • Asking for your feedback regarding the membership of the other members. You can either 1) confirm your support or 2) raise any request for re-evaluation of the membership of others in the network
  • Please note that filling out this survey is important — not filling out the survey can result in the reevaluation of one’s membership

Exiting members

If a representative of an organization leaves a member organization, they or their organization should inform about a new colleague to join CiviCERT in their place.

Any member may leave the group at any time without the need to give any explanation. After leaving, all members will have to abide to the confidentiality agreement in the information management policy they agreed with when joining.

Termination of membership

If a member of CiviCERT:

  • has no communications with the network for longer than 12 months,
  • violates CiviCERT’s policies including the Code of Practice,
  • does not cooperate or contribute to the purposes and goals of CiviCERT — for instance, the network not hearing from a member in over a year or them not resolving communications obstacles (expired key, no mattermost account) in over a year,
  • or is reported by another member organization, who raises trust or security concerns regarding the member’s participation in CiviCERT,

their membership will be reviewed and potentially suspended. Membership revocation shall require support from at least three members. The affected member shall be provided an opportunity for rebuttal prior to revocation.

Lifting suspension and restoration of access to CiviCERT services shall require no blocking votes from members.

Decision-making within the network

When decisions need to be made by CiviCERT members, they will be clearly presented and facilitated on the encrypted mailing list & Mattermost, giving 15 days for discussing the proposal and achieving a collective consensus. If consensus is blocked by only one or a few members, they need to communicate on what basis this blocking is done — such as serious security or ethical concerns that can put at risk CiviCERT’s reputation or integrity.

Changes to this policy

This policy can be changed within the network. Proposed changes will be submitted in advance to the network.