1. Task Meetings
|Date (dd/mm/yyyy)||Url Indico Agenda||Title||Outcome|
|23-24/04/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=812||EGI CSIRT face to face meeting||activities review and plan|
|20/04/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=1018||The EGI Security Assessment Group - ratings discussion||Discuss EGI security assessment document|
|22/03/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=962||EGI CSIRT team Monthly meeting||Review previous month activities and plan for the coming month|
|23/03/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=959||EGI SVG Monthly meeting||Review previous month activities and plan for the coming month|
|23/02/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=826||EGI CSIRT team monthly meeting||Review previous month activities and plan for the coming month|
|16/02/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=822||EGI SVG Monthly meeting||Review previous month activities and plan for the coming month|
|15/02/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=816||The EGI Security Threat Risk Assessment kickoff meeting||EGI risk assessment|
EGI CSIRT also has a weekly operations meeting on EVO. The minutes are recorded in the EGI CSIRT private wiki (not publicly accessible).
2. Main Achievements
The SA1.2 2012 roadmap was discussed, and the agreed roadmap is now online. The second release of the security dashboard was made available before Christmas of 2011, with some important improvements. Improvement of the security dashboard continues, and it is expected to be in full production by the end of Q1 of 2012. Development of the security challenge framework continues. The SSC5 NGI run is expected to start in Q1 of 2012. The next two-day CSIRT face-to-face meeting will be held at CNAF in Bologna, Italy.
SVG has improved co-ordination of the fixing of issues and the release of advisories with EMI and the EGI DMSU, to ensure that advisories are issued when software is released; this has made significant progress. SVG received the report on the Vulnerability Assessment of VOMS core from EMI.
EGI delivery D4.4 was completed and went to the external reviewers on 2nd January 2012. Comments from the reviewers were received on 14th January. These have been addressed and the document has been finalized.
In this quarter, CSIRT issued two security alerts (one critical and one high risk) and handled 3 security incidents; SVG handled 11 reported vulnerabilities and issued 4 advisories.
3. Issues and Mitigation
|Issue Description||Mitigation Description|
4. Plans for the next period
CSIRT will continue working with the security dashboard developers. The security dashboard will be in full production by the end of Q1 of 2012. The domain name of the CSIRT Nagios box will be migrated from the current srv-102.afroditi.hellasgrid.gr into the *.egi.eu domain; no service interruption is expected. For the SSC5 regional runs in NGIs, the plan is to pilot at least one NGI run in Q1 of 2012 and to assist NGI security officers with their regional runs after the initial pilot.
SVG will continue issue handling and will improve usage of the EGI RT tracker to allow better reporting, including metrics. There will be discussion and planning on what should be done to assess new software, e.g. software from providers with which EGI is forming a relationship. EMI is starting on the Security Vulnerability Assessment of WMS.
The chair of SVG will co-ordinate the EGI Security Threat Risk Assessment described in D4.4.