Difference between revisions of "EGI CSIRT:Main Page"
|Line 1:||Line 1:|
Revision as of 12:32, 22 November 2012
|EGI-CSIRT web site||EGI-CSIRT Public wiki||EGI-CSIRT Contacts||EGI-CSIRT Activities||EGI-CSIRT Private wiki|
EGI CSIRT Mission
The EGI CSIRT covers all aspects of operational security aimed at achieving a secure infrastructure within EGI and relies on site and NGI security contact information maintained in the GOCDB by each NGI. The EGI CSIRT ensures both the coordination with peer grids and with the NGIs and NREN CSIRTs. The EGI CSIRT acts as a forum to combine efforts and resources from the NGIs in different areas, including Grid security monitoring, Security training and dissemination, and improvements in responses to incidents (e.g. security drills). Each NGI will appoint an NGI Security Officer in order to provide the NGI CSIRT function. The resulting group of NGI Security Officers collaborate as part of the EGI CSIRT.
EGI CSIRT Term of Reference (ToR)
How To Report a Security Incident
This is the official and approved EGI-CSIRT procedure to be followed in case of a security incident
EGI CSIRT Operation Policies and Procedures
Other operational Procedures approved by the OMB and PMB of interest for sites and users.
ALL EGI sites are required to follow these procedures in order to report and handle Grid-related security incident. We strongly encourage all the security contacts and system administrators to have a printed copy of all of them.
EGI CSIRT Security Alerts
Security alerts and/or security advisories will be sent to all EGI site security contacts or NGI security officers by EGI CSIRT using either an EGI broadcasting tool or a pre-established mailing list. They will also be listed on this page. They may cover a wide range of software, including but not limited to the EGI middleware.
EGI CSIRT Groups and Activities
EGI CSIRT security team is organized in following groups.
- Incident Response Task Force (IRTF)
- Handle day to day operational security issues and coordinate Computer-Security-Incident-Response across the EGI infrastructure.
- Security Drills Group (SDG)
- The objectives of the Security-Drills are twofold. One aspect is to get an overview of the incident response capabilities of the sites participating in EGI and improve the collaboration among the distributed teams. The second is to improve the Security-Incident-Handling capabilities of the EGI-CSIRT itself. Here we continuously have to revisit our procedures and check whether our tracing of the security activities is sufficiently monitored and recorded.
- Security Monitoring Group (SMG)
- Develop, deploy and maintain security monitoring tools.
- Training and Dissemination Group (TDG)
- Raise security awareness and improve security for system administrators by providing security training and best practice
EGI CSIRT Members
You can find contact information of the team members here