Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "EGI-InSPIRE:SA1.2-QR8"

From EGIWiki
Jump to navigation Jump to search
(Created page with "= 1. Task Meetings = <!-- Notes. Report here all task-specific meetings held. This includes (a) face-to-face meetings and (b) phone meetings. Make sure that for all task meetings...")
 
 
(6 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Template:EGI-Inspire menubar}}
{{Template:Inspire_reports_menubar}}
{{TOC_right}}
= 1. Task Meetings = <!--
= 1. Task Meetings = <!--
Notes. Report here all task-specific meetings held. This includes (a) face-to-face meetings and (b) phone meetings. Make sure that for all task meetings participants are ALWAYS recorded either on indico from the registrants’ list, or in the minutes.  
Notes. Report here all task-specific meetings held. This includes (a) face-to-face meetings and (b) phone meetings. Make sure that for all task meetings participants are ALWAYS recorded either on indico from the registrants’ list, or in the minutes.  
Line 53: Line 57:
-->  
-->  


SA1.2 2012 roadmap was discussed and agreed [https://wiki.egi.eu/wiki/Plan_2012_SA1.2 roadmap] is now online. The second release of security dashboard was made avaliable before Christmas of 2011. Some important improvement has been made. The improvement of security dashboard continues and it is expected to be in full production by end of Q1 of 2012. The the development of security challenge framework continue. The SSC5 NGI run is expected to start in the Q1 of 2012. The next CSIRT 2 days face to face meeting will be held at CNAF in Bologna, Italy.
Security dashboard was released in full production. EGI CSIRT had a face to face meeting at Bologna, where activities and EGI CSIRT 2012 roadmap were reviewed and discussed. Two hands-on trainings were organized. They are "Forensic and incident response" and "RTIR handson training". Spanish NGI started the SSC5 pilot run on 25th April and it is expected to be completed in 2 weeks. In this quarter, EGI CSIRT handled one security incident.
 
SVG has improved co-ordination of fixing of issues and release of advisories, with EMI and EGI DMSU,  to ensure advisories issued when software is released, this has made significant progress. SVG received the report on the Vulnerability Assessment of VOMS core from EMI.
 
EGI delivery D4.4 was completed and went to the external reviewers on 2nd January 2012. Comments from the reviewers received on 14th January. These have been addressed and the document has been finalized.


In this quarter, CSIRT has issued two security alerts, one is critical and one is high risk and handled 3 security incidents; SVG has handled 11 reported vulnerabilities and issued 4 advisories.  
During this quarter, 3 new vulnerabilities were reported to EGI SVG. In total 2 advisories were issued by SVG.  


The EGI Security Threat Risk assessment team was formed, several teleconferencing meetings have taken place to facilitate the work. 75 threats identified and an initial risk assessment and preliminary report has been produced.


= 3. Issues and Mitigation = <!-- fill the table below -->  
= 3. Issues and Mitigation = <!-- fill the table below -->  
Line 77: Line 78:


= 4. Plans for the next period = <!-- provide your text below -->
= 4. Plans for the next period = <!-- provide your text below -->
CSIRT will continue working with security dashboard developers. The security dashboard will be in full production by end of Q1 of 2012. Domain name of CSIRT Nagios box will be migrated from current srv-102.afroditi.hellasgrid.gr into *.egi.eu domain, no service interruption is expected. SSC5 regional run in NGIs, to pilot at least one NGI run in Q1 of 2012, and assist NGI security officers for their regional runs after the initial pilot.


SVG will continue issue handling and improving usage of the EGI RT tracker to allow better reporting, including metrics. Discussion and plans on what should be done to assess new software, e.g. software from providers with which EGI is forming a relationship. EMI starting on Security Vulnerability Assessment of WMS.
The Deutch NGI will start the SSC5 NGI run during this quarter (after the Spanish NGI run). The EGI SSC6 run is under preparation and plan to start in middle of July 2012.
 
EGI CSIRT is working on a proposal for site-wide security monitoring. The proposal is expected to be completed and submit to OMB for discussion by end of June 2012
 
Improve usage of the EGI RT tracker to allow better reporting, including metrics. This was delayed as the EGI Security Threat Risk assessment and producing a preliminary report took priority.
 
Continue working on the procedure for compromised certificates, whether short lived proxies or long lived certificates.
 
Complete and refine EGI security Threat Risk assessment and produce final report before the EGI review.


The chair of SVG will co-ordinate the EGI Security Threat Risk Assessment described in D4.4.
Pakiti 3.0 is expected to be released by end of June 2012.

Latest revision as of 17:45, 6 January 2015

EGI Inspire Main page


Inspire reports menu: Home SA1 weekly Reports SA1 Task QR Reports NGI QR Reports NGI QR User support Reports



1. Task Meetings

Date (dd/mm/yyyy) Url Indico Agenda Title Outcome
23-24/04/2012 https://www.egi.eu/indico/conferenceDisplay.py?confId=812 EGI CSIRT face to face meeting activities review and plan
20/04/2012 https://www.egi.eu/indico/conferenceDisplay.py?confId=1018 The EGI Security Assessment Group - ratings discussion Discuss EGI security assessment document
22/03/2012 https://www.egi.eu/indico/conferenceDisplay.py?confId=962 EGI CSIRT team Monthly meeting Review previous month activities and plan for the coming month
23/03/20112 https://www.egi.eu/indico/conferenceDisplay.py?confId=959 EGI SVG Monthly meeting Review previous month activities and plan for the coming month
23/02/2012 https://www.egi.eu/indico/conferenceDisplay.py?confId=826 EGI CSIRT team monthly meeting Review previous month activities and plan for the coming month
16/02/2012 https://www.egi.eu/indico/conferenceDisplay.py?confId=822 EGI SVG Monthly meeting Review previous month activities and plan for the coming month
15/02/2012 https://www.egi.eu/indico/conferenceDisplay.py?confId=816 The EGI Security Threat Risk Assessment kickoff meeting EGI risk assessment

EGI CSIRT also has a weekly operation meeting on EVO. The minutes is recorded in EGI CSIRT private wiki (not publicly accessable)

2. Main Achievements

Security dashboard was released in full production. EGI CSIRT had a face to face meeting at Bologna, where activities and EGI CSIRT 2012 roadmap were reviewed and discussed. Two hands-on trainings were organized. They are "Forensic and incident response" and "RTIR handson training". Spanish NGI started the SSC5 pilot run on 25th April and it is expected to be completed in 2 weeks. In this quarter, EGI CSIRT handled one security incident.

During this quarter, 3 new vulnerabilities were reported to EGI SVG. In total 2 advisories were issued by SVG.

The EGI Security Threat Risk assessment team was formed, several teleconferencing meetings have taken place to facilitate the work. 75 threats identified and an initial risk assessment and preliminary report has been produced.

3. Issues and Mitigation

Issue Description Mitigation Description

4. Plans for the next period

The Deutch NGI will start the SSC5 NGI run during this quarter (after the Spanish NGI run). The EGI SSC6 run is under preparation and plan to start in middle of July 2012.

EGI CSIRT is working on a proposal for site-wide security monitoring. The proposal is expected to be completed and submit to OMB for discussion by end of June 2012

Improve usage of the EGI RT tracker to allow better reporting, including metrics. This was delayed as the EGI Security Threat Risk assessment and producing a preliminary report took priority.

Continue working on the procedure for compromised certificates, whether short lived proxies or long lived certificates.

Complete and refine EGI security Threat Risk assessment and produce final report before the EGI review.

Pakiti 3.0 is expected to be released by end of June 2012.