1. Task Meetings
|Date (dd/mm/yyyy)||Url Indico Agenda||Title||Outcome|
|23-24/04/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=812||EGI CSIRT face to face meeting||activities review and plan|
|20/04/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=1018||The EGI Security Assessment Group - ratings discussion||Discuss EGI security assessment document|
|22/03/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=962||EGI CSIRT team Monthly meeting||Review previous month activities and plan for the coming month|
|23/03/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=959||EGI SVG Monthly meeting||Review previous month activities and plan for the coming month|
|23/02/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=826||EGI CSIRT team monthly meeting||Review previous month activities and plan for the coming month|
|16/02/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=822||EGI SVG Monthly meeting||Review previous month activities and plan for the coming month|
|15/02/2012||https://www.egi.eu/indico/conferenceDisplay.py?confId=816||The EGI Security Threat Risk Assessment kickoff meeting||EGI risk assessment|
EGI CSIRT also holds a weekly operations meeting on EVO. The minutes are recorded in the EGI CSIRT private wiki (not publicly accessible).
2. Main Achievements
The security dashboard was released in full production. EGI CSIRT held a face-to-face meeting in Bologna, where its activities and the EGI CSIRT 2012 roadmap were reviewed and discussed. Two hands-on trainings were organized: "Forensic and incident response" and "RTIR hands-on training". The Spanish NGI started the SSC5 pilot run on 25th April, and it is expected to be completed in 2 weeks. In this quarter, EGI CSIRT handled one security incident.
During this quarter, 3 new vulnerabilities were reported to EGI SVG. In total 2 advisories were issued by SVG.
The EGI Security Threat Risk Assessment team was formed, and several teleconference meetings have taken place to facilitate the work. 75 threats were identified, and an initial risk assessment and preliminary report have been produced.
3. Issues and Mitigation
|Issue Description||Mitigation Description|
4. Plans for the next period
The Deutch NGI will start the SSC5 NGI run during this quarter (after the Spanish NGI run). The EGI SSC6 run is under preparation and is planned to start in the middle of July 2012.
EGI CSIRT is working on a proposal for site-wide security monitoring. The proposal is expected to be completed and submitted to the OMB for discussion by the end of June 2012.
Improve usage of the EGI RT tracker to allow better reporting, including metrics. This was delayed as the EGI Security Threat Risk assessment and producing a preliminary report took priority.
Continue working on the procedure for compromised certificates, whether short-lived proxies or long-lived certificates.
Complete and refine the EGI Security Threat Risk Assessment and produce the final report before the EGI review.
Pakiti 3.0 is expected to be released by the end of June 2012.