Effective defense requires accurate data and an understanding of the environment you operate within. This repository is maintained as a public good for the Trinidad and Tobago cybersecurity community. It provides a foundational baseline of local regulatory bodies, technical frameworks, and operational tools required to map attack surfaces, maintain compliance, and build operational resilience.
The national node for coordinating cyber incident response. The primary source for localized vulnerability advisories and threat intelligence.
The regulatory body governing the national telecommunications backbone. Critical for understanding the mandatory cybersecurity frameworks applied to local ISPs and broadcasters.
The regional body responsible for the CARICOM Cyber Security and Cybercrime Action Plan (CCSCAP). Essential for understanding cross-border intelligence sharing and regional legislative harmonization.
The foundational legislation governing the privacy and handling of personal data within the Republic.
The legal framework defining unauthorized access, data interference, and digital fraud locally.
Global frameworks and reconnaissance tools critical for defending local networks.
MITRE ATT&CK Framework: The globally recognized knowledge base of adversary tactics and techniques. We map all local incidents in our monthly intelligence reports back to MITRE techniques.
CISA Known Exploited Vulnerabilities (KEV) Catalog: The authoritative list of vulnerabilities actively being exploited in the wild. If it is on this list and exists in your environment, patching is an immediate, drop-everything priority.
Shodan & Censys: Search engines for internet-connected devices. Critical for mapping an organization's external attack surface and identifying shadow IT or exposed legacy infrastructure in the region.
Kali Linux: The industry standard for penetration testing and ethical hacking operations.