The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "EGI CSIRT:IRTF"

(Updating volunteers)
Line 26: Line 26:


=== Volunteers ===
=== Volunteers ===
{| {{egi-table}} class="sortable"
{| {{egi-table}}
! Name !! NGI !! Home Organization !! Effort Avalible (PM)
! Name !! NGI !! Home Organization !! Effort Avalible (PM)
|-
|-
|Vincent Brillault || - || CERN || 5 PM
|Vincent Brillault || - || CERN || 5 PM
|-  
|-  
|Daniel Kouril || - || CESNET ||
|Daniel Kouril || NGI_CZ  || CESNET ||
|-  
|-  
|Michal Prochazka || - || CESNET ||  
|Michal Prochazka || NGI_CZ  || CESNET ||  
|-  
|-  
|Sophie Ferry || France NGI || CEA Saclay ||
|Sophie Ferry || France NGI || CEA Saclay ||
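Review bot: in the Volunteers header row, "Effort Avalible (PM)" is misspelled on both sides of this hunk; correct it to "Effort Available (PM)" while the table is being edited, matching the header of the vulnerability assessment table. The table opening line also differs between the two sides only by class="sortable", which the edit summary "Updating volunteers" does not mention.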
Line 44: Line 44:
|-  
|-  
|Nuno Dias ||Portugal NGI || LIP ||  
|Nuno Dias ||Portugal NGI || LIP ||  
|-
|}    
     
Vulnerability assessment (part of incident response task force)
{| {{egi-table}} class="sortable"
!Name  !! NGI !! Home Organization !! Effort Available (PM)
|-
|Leif Nixon ||- ||  NDGF ||
|-
|Michael Hausding || Switzerland NGI || SWITCH
|-
|Xander Jansen || Dutch NGI || SURFcert
|-
|Detlev Matthies || German NGI || DFN
|-
|Dorine Fouossong || France NGI||
|-  
|-  
|}
|}
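Review bot: the "Vulnerability assessment (part of incident response task force)" table and its five member rows appear only once in this hunk, unlike the paired rows around them, and the table is absent from the revision rendered below, yet the edit summary says only "Updating volunteers". If the removal is intended, state it in the summary; otherwise restore the table, since "vulnerability assessment" is still listed under Tasks.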

Revision as of 09:56, 1 June 2015

EGI-CSIRT wiki




Incident Response Task Force

Objective

Handle day to day operational security issues and coordinate Computer-Security-Incident-Response across the EGI infrastructure.

Tasks

  • Swift response to any reported computer security incident affecting EGI infrastructure
  • Security Incident Management
    • Existing communication channel (mail list/security wiki) migration
    • New communication channel (if needed) setup
    • Incident response tools development, evaluation and adaptation
    • Incident handling procedures update/maintenance
  • Establish additional operational and/or escalation procedures when required
    • a procedure to suspend a site from the EGI infrastructure
    • a procedure and agreed criteria to ban (blacklist) a user, a group of users and/or a VO
  • Vulnerability assessment
    • Regularly monitor vulnerability databases
    • Assess impact of vulnerabilities on the EGI infrastructure
    • Advise the project on mitigation solutions
  • Maintain and extend open source intelligence and information exchange with trusted partners
    • Gather information about current cyber attacks and threats
    • Derive monitoring rules applicable to EGI

Persons

Coordinator

  • Vincent Brillault from CERN

Volunteers

| Name | NGI | Home Organization | Effort Available (PM) |
|---|---|---|---|
| Vincent Brillault | - | CERN | 5 PM |
| Daniel Kouril | NGI_CZ | CESNET | |
| Michal Prochazka | NGI_CZ | CESNET | |
| Sophie Ferry | France NGI | CEA Saclay | |
| Ursula Epting | German NGI | KIT-GridKa | |
| Tobias Dussa | German NGI | KIT-CERT | |
| Sven Gabriel | Dutch NGI | NIKHEF | |
| Nuno Dias | Portugal NGI | LIP | |