Official website of the South African National CSIRT

Traffic Light Protocol

Traffic Light Protocol (TLP) Matrix

The Traffic Light Protocol (TLP) was initially developed to encourage information sharing with and among public and private sector security professionals in the United Kingdom; it has achieved widespread adoption around the globe. The Cybersecurity Hub also uses it to signal how widely its information can be circulated beyond the immediate recipient, as well as on the information it receives. The TLP is a set of designations used to ensure that sensitive information is shared with the correct audience. It uses four colours to indicate different degrees of sensitivity and the corresponding sharing considerations to be applied by the recipient(s).

Colour  When should it be used? How may it be shared?
RED
(Personal for named recipients only)
Sources may use TLP: RED when information cannot be effectively acted upon by additional parties, and could lead to impacts on a party's privacy, reputation, or operations if misused. Recipients may not share TLP: RED information with any parties outside of the specific exchange, meeting, or conversation in which it is originally disclosed.
AMBER
(Limited distribution)
Sources may use TLP: AMBER when information requires support to be effectively acted upon, but carries risks to privacy, reputation, or operations if shared outside of the organisations involved. Recipients may only share TLP: AMBER information with members of their own organisation who need to know, and only as widely as necessary to act on that information.
GREEN
(Community wide)
Sources may use TLP: GREEN when information is useful for the awareness of all participating organisations as well as with peers within the broader community or sector. Recipients may share TLP: GREEN information with peers and partner organisations within their sector or community, but not via publicly accessible channels.
WHITE
(Unlimited)
Sources may use TLP: WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. TLP: WHITE information may be distributed without restriction, subject to copyright controls.

Keep Safe Online:

Online Safety

Device Security

Malicious Software Countermeasures

 

 

 

 

 

Report Cybersecurity related incidents to Cybersecurity Hub

You can also call SAPS on: 08 600 10111