The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "EGI CSIRT:IRTF"
Jump to navigation
Jump to search
(→Tasks) |
|||
| Line 17: | Line 17: | ||
** Derive monitoring rules applicable to EGI | ** Derive monitoring rules applicable to EGI | ||
== Coordinator == | |||
* Vincent Brillault from CERN | * Vincent Brillault from CERN | ||
Revision as of 17:58, 19 June 2018
public team pages| Incident Response Task Force (IRTF) | Security Drills Group (SDG) | Security Monitoring Group (SMG) |
public pages | Mission | Incident reporting | Dissemination | Alerts | Operational notices | Monitoring | Security challenges | Policies | Contacts |
Incident Response Task Force
Objective
Handle day to day operational security issues and coordinate Computer-Security-Incident-Response across the EGI infrastructure.
Tasks
- Swift response to any reported computer security incident affecting EGI infrastruture
- Security Incident Management
- Existing communication channel (mail list/security wiki) migration
- New communication channel (if needed) setup
- Incident response tools development, evaluation and adaptation
- Incident handling procedures update/maintainence
- Establish additional operational and/or escalation procedures when required
- a procedure to suspend a site from the EGI infrastructure
- a procedure and agreed criteria to ban (blacklist) a user, a group of users and/or a VO
- Maintain and extend open source intelligence and information exchange with trusted partners
- Gather information about current cyber attack and threats
- Derive monitoring rules applicable to EGI
Coordinator
- Vincent Brillault from CERN