Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "EGI CSIRT:Policies"

From EGIWiki
Jump to navigation Jump to search
Line 11: Line 11:
They are:
They are:


- Security Incident Handling Procedure
- [https://documents.egi.eu/public/RetrieveFile?docid=47&version=11&filename=EGI-MS405-IRTF-47-V12.pdf Security Incident Handling Procedure], defined by EGI CSIRT
[https://documents.egi.eu/public/RetrieveFile?docid=47&version=11&filename=EGI-MS405-IRTF-47-V12.pdf], defined by EGI CSIRT
- Vulnerability Issue Handling Procedure
[https://documents.egi.eu/public/RetrieveFile?docid=47&version=11&filename=EGI-MS405-SVG-47-V12.pdf], defined by EGI SVG


The "Security Incident Handling Procedure" define site and incident
- [https://documents.egi.eu/public/RetrieveFile?docid=47&version=11&filename=EGI-MS405-SVG-47-V12.pdf Vulnerability Issue Handling Procedure], defined by EGI SVG
coordinator responsibilities when handling Grid-related security incident.
ALL EGI sites are required to follow the new procedure to report and handle
Grid-related security incident. We strongly encourage our security contacts
and system administrators to have a printing copy of this procedure.
For more details you can browse the wiki page https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting.


The "Software Vulnerability Issue Handling Process" describes the process used to report and resolve Grid Software vulnerabilities in the EGI Inspire project. It describes the responsibilities of various people within the SVG, the EGI InSPIRE project and in the communities providing software
The "Security Incident Handling Procedure" define site and incident coordinator responsibilities when handling Grid-related security incident. ALL EGI sites are required to follow the new procedure to report and handle Grid-related security incident. We strongly encourage our security contacts and system administrators to have a printing copy of this procedure. For more details you can browse the wiki page https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting.
distributed in the EGI Unified Middleware Distribution and how the various
groups interact with this process.  
For more details you can browse the wiki page https://wiki.egi.eu/wiki/SVG#What_to_do_if_you_find_a_Software_Vulnerability_in_the_EGI_infrastructure .  


  The permanent link to the two documents can be found at [https://documents.egi.eu/document/47] .
The "Software Vulnerability Issue Handling Process" describes the process used to report and resolve Grid Software vulnerabilities in the EGI Inspire project. It describes the responsibilities of various people within the SVG, the EGI InSPIRE project and in the communities providing software distributed in the EGI Unified Middleware Distribution and how the various
groups interact with this process.  For more details you can browse the wiki page https://wiki.egi.eu/wiki/SVG#What_to_do_if_you_find_a_Software_Vulnerability_in_the_EGI_infrastructure .
 
The permanent link to the two documents can be found at [https://documents.egi.eu/document/47] .

Revision as of 16:43, 18 November 2010


| Mission | Members | Contacts
| Incident handling | Alerts | Monitoring | Security challenges | Procedures | Dissemination



EGI Security Policies

The policy documents produced by the former JSPG are valid since 1st May for the EGI partners. They are in the process of being imported into new documents template. For all up to dated EGI security policies, please refer to the EGI Security Policy Group wiki page.

EGI Operational Security Procedures

Two EGI operational security procedures have been approved by EGI OMB and PMB and now are released to public.

They are:

- Security Incident Handling Procedure, defined by EGI CSIRT

- Vulnerability Issue Handling Procedure, defined by EGI SVG

The "Security Incident Handling Procedure" define site and incident coordinator responsibilities when handling Grid-related security incident. ALL EGI sites are required to follow the new procedure to report and handle Grid-related security incident. We strongly encourage our security contacts and system administrators to have a printing copy of this procedure. For more details you can browse the wiki page https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting.

The "Software Vulnerability Issue Handling Process" describes the process used to report and resolve Grid Software vulnerabilities in the EGI Inspire project. It describes the responsibilities of various people within the SVG, the EGI InSPIRE project and in the communities providing software distributed in the EGI Unified Middleware Distribution and how the various groups interact with this process. For more details you can browse the wiki page https://wiki.egi.eu/wiki/SVG#What_to_do_if_you_find_a_Software_Vulnerability_in_the_EGI_infrastructure .

The permanent link to the two documents can be found at [1] .