The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "EGI CSIRT:Main Page"

From EGIWiki
Line 1: Line 1:
<!--{{Egi-csirt-header|The EGI Computer Security and Incident Response Team: EGI CSIRT}}-->
<!--{{Egi-csirt-header|The EGI Computer Security and Incident Response Team: EGI CSIRT}}--> {{New-Egi-csirt-header}}  
{{New-Egi-csirt-header}}


==EGI CSIRT Mission==
== EGI CSIRT Mission ==
The EGI CSIRT covers all aspects of operational security aimed at achieving a ''secure infrastructure'' within EGI and relies on site and NGI security contact information maintained in the GOCDB by each NGI. The EGI CSIRT ensures both the coordination with peer grids and with the NGIs and NREN CSIRTs. The EGI CSIRT acts as a forum to combine efforts and resources from the NGIs in different areas, including Grid security monitoring, Security training and dissemination, and improvements in responses to incidents (e.g. security drills). Each NGI will appoint an NGI Security Officer in order to provide the NGI CSIRT function. The resulting group of NGI Security Officers collaborate as part of the EGI CSIRT.


The EGI CSIRT is led and coordinated by the EGI Security Officer, whose role and mission are defined by security policies approved by [[EGI]] and the [[NGI]]s.
The EGI CSIRT covers all aspects of operational security aimed at achieving a ''secure infrastructure'' within EGI and relies on site and NGI security contact information maintained in the GOCDB by each NGI. The EGI CSIRT ensures both the coordination with peer grids and with the NGIs and NREN CSIRTs. The EGI CSIRT acts as a forum to combine efforts and resources from the NGIs in different areas, including Grid security monitoring, Security training and dissemination, and improvements in responses to incidents (e.g. security drills). Each NGI will appoint an NGI Security Officer in order to provide the NGI CSIRT function. The resulting group of NGI Security Officers collaborate as part of the EGI CSIRT.  


EGI CSIRT [https://documents.egi.eu/document/385 Term of Reference (ToR)]
The EGI CSIRT is led and coordinated by the EGI Security Officer, whose role and mission are defined by security policies approved by [[EGI]] and the [[NGI]]s.  


==Contacts==
EGI CSIRT [https://documents.egi.eu/document/385 Term of Reference (ToR)]  
* EGI Security Officer : Mingchao Ma
<!--[[User:Mingchao|Mingchao Ma]]-->
* Use the email address ''' abuse (at) egi.eu '''  to report security incident and/or abuse [https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting]
* [[EGI CSIRT:Contacts | Others contacts informations]]
* EGI CSIRT is [https://www.trusted-introducer.org/teams/teams-e.html#EGI-CSIRT listed Trusted Introducer]


==EGI CSIRT Groups ==
<!--
EGI CSIRT security team is organized in following groups.
== Contacts ==


; [[EGI_CSIRT:IRTF|Incident Response Task Force (IRTF)]]
*EGI Security Officer&nbsp;: Mingchao Ma <!--[[User:Mingchao|Mingchao Ma]]-->
: Handle day to day operational security issues and coordinate Computer-Security-Incident-Response across the EGI infrastructure.
*Use the email address '''abuse (at) egi.eu ''' to report security incident and/or abuse [https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting]
*[[EGI CSIRT:Contacts|Others contacts informations]]  
*EGI CSIRT is [https://www.trusted-introducer.org/teams/teams-e.html#EGI-CSIRT listed Trusted Introducer]
-->


; [[EGI_CSIRT:SDG|Security Drills Group (SDG)]]
== EGI CSIRT Groups  ==
: The objectives of the Security-Drills are twofold. One aspect is to get an overview of the incident response capabilities of the sites participating in EGI and improve the collaboration among the distributed teams. The second is to improve the Security-Incident-Handling capabilities of the EGI-CSIRT itself. Here we continuously have to revisit our procedures and check whether our tracing of the security activities is sufficiently monitored and recorded.


; [[EGI_CSIRT:SMG|Security Monitoring Group (SMG)]]
EGI CSIRT security team is organized in following groups.
: Develop, deploy and maintain security monitoring tools.
 
;[[EGI CSIRT:IRTF|Incident Response Task Force (IRTF)]]
:Handle day to day operational security issues and coordinate Computer-Security-Incident-Response across the EGI infrastructure.
 
;[[EGI CSIRT:SDG|Security Drills Group (SDG)]]
:The objectives of the Security-Drills are twofold. One aspect is to get an overview of the incident response capabilities of the sites participating in EGI and improve the collaboration among the distributed teams. The second is to improve the Security-Incident-Handling capabilities of the EGI-CSIRT itself. Here we continuously have to revisit our procedures and check whether our tracing of the security activities is sufficiently monitored and recorded.
 
;[[EGI CSIRT:SMG|Security Monitoring Group (SMG)]]  
:Develop, deploy and maintain security monitoring tools.


<!--; [[EGI_CSIRT:TDG|Training and Dissemination Group (TDG)]]
<!--; [[EGI_CSIRT:TDG|Training and Dissemination Group (TDG)]]
: Raise security awareness and improve security for system administrators by providing security training and best practice-->
: Raise security awareness and improve security for system administrators by providing security training and best practice-->  
; [[EGI_CSIRT:TDG-NEW|Training and Dissemination Group (TDG)]]
 
: Raise security awareness and improve security for system administrators by providing security training and best practice
;[[EGI CSIRT:TDG-NEW|Training and Dissemination Group (TDG)]]  
:Raise security awareness and improve security for system administrators by providing security training and best practice
 
== How To Report a Security Incident ==
 
*'''[https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting How to Report a Security Incident]'''


==How To Report a Security Incident==
== Working Hour ==
* '''[https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting How to Report a Security Incident]'''


==Working Hour==
9:00 - 17:00 (CET) Mon - Fri  
9:00 - 17:00 (CET) Mon - Fri


Out of working hour will be on best effort basis
Out of working hour will be on best effort basis
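
Review bot: In the Contacts block, the `<!--` opened before `== Contacts ==` cannot wrap the whole section, because the Security Officer line inside it already carries its own `<!--[[User:Mingchao|Mingchao Ma]]-->` and comments do not nest. The first `-->` closes the outer comment, and the closing `-->` after the Trusted Introducer line is left as literal text, which matches the stray `-->` in the rendered revision below. If the section is meant to be hidden, remove the inner comment first; if not, drop the wrapper so that the abuse (at) egi.eu reporting address stays visible on the main page.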

Revision as of 12:17, 12 April 2012



EGI CSIRT Mission

The EGI CSIRT covers all aspects of operational security aimed at achieving a secure infrastructure within EGI and relies on site and NGI security contact information maintained in the GOCDB by each NGI. The EGI CSIRT ensures both the coordination with peer grids and with the NGIs and NREN CSIRTs. The EGI CSIRT acts as a forum to combine efforts and resources from the NGIs in different areas, including Grid security monitoring, Security training and dissemination, and improvements in responses to incidents (e.g. security drills). Each NGI will appoint an NGI Security Officer in order to provide the NGI CSIRT function. The resulting group of NGI Security Officers collaborate as part of the EGI CSIRT.

The EGI CSIRT is led and coordinated by the EGI Security Officer, whose role and mission are defined by security policies approved by EGI and the NGIs.

EGI CSIRT Term of Reference (ToR)

-->

EGI CSIRT Groups

The EGI CSIRT security team is organized into the following groups.

Incident Response Task Force (IRTF)
Handle day to day operational security issues and coordinate Computer-Security-Incident-Response across the EGI infrastructure.
Security Drills Group (SDG)
The objectives of the Security-Drills are twofold. One aspect is to get an overview of the incident response capabilities of the sites participating in EGI and improve the collaboration among the distributed teams. The second is to improve the Security-Incident-Handling capabilities of the EGI-CSIRT itself. Here we continuously have to revisit our procedures and check whether our tracing of the security activities is sufficiently monitored and recorded.
Security Monitoring Group (SMG)
Develop, deploy and maintain security monitoring tools.


Training and Dissemination Group (TDG)
Raise security awareness and improve security for system administrators by providing security training and best practice.

How To Report a Security Incident

Working Hours

9:00 - 17:00 (CET) Mon - Fri

Outside working hours, response is on a best-effort basis.