Difference between revisions of "EGI CSIRT:IRTF"
Jump to navigation
Jump to search
(→Tasks) |
|||
Line 17: | Line 17: | ||
** Derive monitoring rules applicable to EGI | ** Derive monitoring rules applicable to EGI | ||
== Coordinator == | |||
* Vincent Brillault from CERN | * Vincent Brillault from CERN | ||
Revision as of 17:58, 19 June 2018
public team pages| Incident Response Task Force (IRTF) | Security Drills Group (SDG) | Security Monitoring Group (SMG) |
public pages | Mission | Incident reporting | Dissemination | Alerts | Operational notices | Monitoring | Security challenges | Policies | Contacts |
Incident Response Task Force
Objective
Handle day to day operational security issues and coordinate Computer-Security-Incident-Response across the EGI infrastructure.
Tasks
- Swift response to any reported computer security incident affecting EGI infrastruture
- Security Incident Management
- Existing communication channel (mail list/security wiki) migration
- New communication channel (if needed) setup
- Incident response tools development, evaluation and adaptation
- Incident handling procedures update/maintainence
- Establish additional operational and/or escalation procedures when required
- a procedure to suspend a site from the EGI infrastructure
- a procedure and agreed criteria to ban (blacklist) a user, a group of users and/or a VO
- Maintain and extend open source intelligence and information exchange with trusted partners
- Gather information about current cyber attack and threats
- Derive monitoring rules applicable to EGI
Coordinator
- Vincent Brillault from CERN