The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "EGI-InSPIRE:Plan 2013 SA1.2"
Jump to navigation
Jump to search
| Line 84: | Line 84: | ||
===SVG meetings=== | ===SVG meetings=== | ||
* | * Regular monthly SVG meetings | ||
* SVG session at Technical Forum | |||
===Revise and improve Vulnerability Issue handing procedure === | ===Revise and improve Vulnerability Issue handing procedure === | ||
* Revise EGI Software Vulnerability Handling procedure for Post EMI/IGE. (Also submitted an abstract to present this at the CF.) | * Revise EGI Software Vulnerability Handling procedure for Post EMI/IGE. (Also submitted an abstract to present this at the CF.) | ||
* Poster at CF on how to report a vulnerability or incident (and explain the difference) to be generally useful as well as for the CF. (CSIRT/SVG) | |||
* Further revise Vulnerability issue handling - after a few months using it. | |||
===Continue Vulnerability issue handling=== | ===Continue Vulnerability issue handling=== | ||
* | * Regular ongoing work | ||
===Vulnerability Assessments=== | ===Vulnerability Assessments=== | ||
* Completion of WMS vulnerability Assessment (asked Elisa to confirm) | * Completion of WMS vulnerability Assessment (asked Elisa to confirm) | ||
* Start of CREAM vulnerability Assessment (asked Elisa to confirm) | |||
* Report on Status of Vulnerability assessment after the end of EMI - and whether anything further can be done. | |||
==Coordination EUGridPMA== | ==Coordination EUGridPMA== | ||
Revision as of 17:34, 19 February 2013
| Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
| Inspire reports menu: | Home • | SA1 weekly Reports • | SA1 Task QR Reports • | NGI QR Reports • | NGI QR User support Reports |
Assessment of progress in 2012
Completed Activities and Milestones
Milestones not accomplished
Plans for 2013
Cross Security Teams Activities
- MS235 Security Activity within EGI Month 34 Report detailing the non-operational security activity within EGI including SCG, SVG, EUGridPMA and IGTF.
- EGI Security Threat risk assessment - Report on what is being done concerning threats of highest risk value and highest impact value.
- Also we should look at Clouds and implications for the various security groups, what needs to be done. Since in the 6th highest risk threat was clouds - and so many seem to assume all the security problems go away and they can ignore us all.
EGI CSIRT Activities
CSIRT meetings
RTIR ticketing system
Incident Response
Daily security operations
Security drills
Security monitoring tools
Security Dashboard
Pakiti
Site wide security monitoring
Nagios security monitoring
Security Training&Dissemination
Security procedures
- EGI CSIRT operational procedure for compromised certificates. (1st quarter)
Other Activities
EGI SVG Activities
SVG meetings
- Regular monthly SVG meetings
- SVG session at Technical Forum
Revise and improve Vulnerability Issue handing procedure
- Revise EGI Software Vulnerability Handling procedure for Post EMI/IGE. (Also submitted an abstract to present this at the CF.)
- Poster at CF on how to report a vulnerability or incident (and explain the difference) to be generally useful as well as for the CF. (CSIRT/SVG)
- Further revise Vulnerability issue handling - after a few months using it.
Continue Vulnerability issue handling
- Regular ongoing work
Vulnerability Assessments
- Completion of WMS vulnerability Assessment (asked Elisa to confirm)
- Start of CREAM vulnerability Assessment (asked Elisa to confirm)
- Report on Status of Vulnerability assessment after the end of EMI - and whether anything further can be done.