EGI-InSPIRE:SA1.2-QR5
1. Task Meetings
Date (dd/mm/yyyy) | Url Indico Agenda | Title | Outcome |
---|---|---|---|
19/05/2011 | https://www.egi.eu/indico/conferenceDisplay.py?confId=483 | The EGI Software Vulnerability Group meeting | Review previous month activities and plan for the coming month |
26/05/2011 | https://www.egi.eu/indico/conferenceDisplay.py?confId=492 | EGI CSIRT team monthly meeting | Review previous month activities and plan for the coming month |
16/06/2011 | https://www.egi.eu/indico/conferenceDisplay.py?confId=499 | The EGI Software Vulnerability Group meeting | Review previous month activities and plan for the coming month |
23/06/2011 | https://www.egi.eu/indico/conferenceDisplay.py?confId=505 | EGI CSIRT team monthly meeting | Review previous month activities and plan for the coming month |
21/07/2011 | https://www.egi.eu/indico/conferenceDisplay.py?confId=552 | The EGI Software Vulnerability Group meeting | Review previous month activities and plan for the coming month |
21/07/2011 | https://www.egi.eu/indico/conferenceDisplay.py?confId=550 | EGI CSIRT team monthly meeting | Review previous month activities and plan for the coming month |
EGI CSIRT also has a weekly operation meeting on EVO. The minutes is recorded in EGI CSIRT private wiki (not publicly accessable)
2. Main Achievements
EGI CSIRT Term of Reference (ToR) has been approved (https://documents.egi.eu/document/385). Milestone MS412 - Operational Security Procedures is under external review. The new ticketing system for incident response - RTIR has been setup and is now in production. The development of security dashboard is making good progress. A early prototype has been made available to EGI CSIRT. Further requirement is being gathering.
EGI CSIRT has handled one multiple-site security incident and issued one security advisory during the quarter. EGI security incident handling procedure is being updated. A cross EGI security service challenge (SSC5) has completed. In total 40 EGI sites participated. The final report will be made available at EGI TF.
3 new vulnerabilities were reported to SVG during the quarter. 1 resulted in an advisory issued by CSIRT requesting mitigating action. SVG issued 3 advisories, including 2 due to 'Low' risk issues being fixed by the EGI UMD-1 release. The EGI Software vulnerability issue handling process has been updated, after 1 years experience. Regular SVG monthly meetings are now being held.
3. Issues and Mitigation
Issue Description | Mitigation Description |
---|---|
The new ticket system - RTIR will be used to handle security incident and critical vulnerabilities. Some internal procedure need to be updated to reflect the change | identify any inconsistence and update internal procedure accordingly |
4. Plans for the next period
EGI CSIRT will hold a face to face meeting on Monday 19 September at EGI TF. A security training has also been organizied by EGI CSIRT at next EGI Technical Forum in Lyon. EGI SVG will hold an internal face to face meeting and an open meeting for general audience at next EGI TF. Security service challnege framework is being developed and will be made available to NGI at EGI TF.