The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports; new updates will be ignored and lost.
If needed, you can get in touch with the EGI SDIS team at operations @ egi.eu.

Difference between revisions of "EGI CSIRT:TDG-NEW"

From EGIWiki
 
(22 intermediate revisions by 2 users not shown)
Line 1: Line 1:
<!--{{Egi-csirt-dissemination-header}}-->
<!--{{Egi-csirt-dissemination-header}}-->
{{new-Egi-csirt-header-TDG}}
<!--{{Template:TDG menubar}}-->
<!--{{new-Egi-csirt-header-TDG}}-->
{{new-Egi-csirt-header}}
<!--{{TOC_right}}-->
__NOTOC__
= EGI-CSIRT Training and Dissemination Group (TDG) =
= EGI-CSIRT Training and Dissemination Group (TDG) =
The [https://wiki.egi.eu/wiki/EGI_CSIRT:Main_Page EGI-CSIRT] Training and Dissemination Group objective is to rise security awareness among Grid users and Grid Resource Providers and act as a a collection point for best practices, tutorials and trainings both internal and external to the [http://www.egi.eu/projects/egi-inspire/ EGI-InSPIRE] project.
The [[EGI_CSIRT:Main_Page | EGI-CSIRT]] Training and Dissemination Group objective is to rise security awareness among Grid users and Grid Resource Providers and act as a a collection point for best practices, tutorials and trainings both internal and external to the [http://www.egi.eu/projects/egi-inspire/ EGI-InSPIRE] project.


== Training Events ==
{| width="100%"
=== Upcoming Events ===
|-
| style="width:50%; border: 1px solid rgb(221, 221, 221);; background: none repeat scroll 0% 0% rgb(249, 249, 249); vertical-align:top; color:#000;" |
{| width="100%" style="vertical-align: top; background: none repeat scroll 0% 0% rgb(249, 249, 249);"
|-
! style="padding:2px;background-color: lightgray;" |
<big>'''Training Events'''</big>
 
|-
| style="color:#000;" | <div id="mp-tfa" style="padding:2px 5px">
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI05062014 UK HEP System Managers Meeting 3rd June – 5th June 2014 Rutherford Appleton Laboratory]; June 2014
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI19052014 EGI Community Forum 2014 (Helsinki)]; May 2014
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI25032014 International Symposium on Grids and Clouds (ISGC) 2014 ,Security Workshop (Taipei)]; March 2014
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI16092013 EGI Technical Forum 2013 (Madrid)]; September 2013
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI27082013 GridKa School 2013,Security Workshop (Karlsruhe)]; August 2013
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI17032013 International Symposium on Grids and Clouds (ISGC) 2013 ,Security Workshop (Taipei)]; March 2013
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI17092012 EGI Technical Forum 2012 (Prague)]; September 2012
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI17092012 EGI Technical Forum 2012 (Prague)]; September 2012
 
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI28082012 GridKa School 2012 (Karlsruhe), Cluster security tournament - Hands-on incident response and forensics in a realistic environment]; August 2012
=== Past Events ===
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI26032012 EGI Community Forum 2012 (Munich)]; March 2012
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI26032012 EGI Community Forum 2012 (Munich)]; March 2012
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI220911 EGI Technical Forum 2011 (Lyon)]; September 2011: Joint security training for system administrators and alike.
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGI220911 EGI Technical Forum 2011 (Lyon)]; September 2011: Joint security training for system administrators and alike.
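Review bot: The rewritten introduction line still reads "objective is to rise security awareness" and "act as a a collection point". This revision already touches that line to switch the EGI-CSIRT link to the internal "[[EGI_CSIRT:Main_Page | EGI-CSIRT]]" form, so correct it to "raise" and a single "a" in the same edit. The new cell style also carries a doubled semicolon in "border: 1px solid rgb(221, 221, 221);;", which should be a single one.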
Line 15: Line 32:
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGEE081108 EGEE08 Conference]; September 2008 Istanbul): Joint Middleware and Operational Security Session (MWSG/OSCT)
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGEE081108 EGEE08 Conference]; September 2008 Istanbul): Joint Middleware and Operational Security Session (MWSG/OSCT)
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGEE011007 EGEE07 Conference]; October 2007 (Budapest): Security Training at EGEE07
* [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/SecTut-EGEE011007 EGEE07 Conference]; October 2007 (Budapest): Security Training at EGEE07
</div>
|}


=== Events Organized by the NGIs ===
'''Events Organized by the NGIs'''


Security events, tutorials and workshops, are often organized inside the NGIs or international forums and contain useful information for the community. The material [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/training_events linked here] ''has not officially been validated by the EGI-CSIRT'' and is provided as it is for users convenience.
Security events, tutorials and workshops, are often organized inside the NGIs or international forums and contain useful information for the community. The material [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/training_events linked here] ''has not officially been validated by the EGI-CSIRT'' and is provided as it is for users convenience.


== Guides, Best Practices and Technical Advices ==
'''Training Testbed'''
 
EGI CSIRT has implemented a [[EGI_CSIRT:TDG/Training-Testbed | Training Testbed]] which allows to execute incident handling and forensics hands-on in a very realistic scenario.
|}
 
{| width="100%"
|-
| style="width:50%; border: 1px solid rgb(221, 221, 221);; background: none repeat scroll 0% 0% rgb(249, 249, 249); vertical-align:top; color:#000;" |
{| width="100%" style="vertical-align: top; background: none repeat scroll 0% 0% rgb(249, 249, 249);"
|-
! style="padding:2px;background-color: lightgray;" |
<big>'''Guides, Best Practices and Technical Advices'''</big>


==== Incident Handling ====
|-
[https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/Incident-handl Suggestions] on the way an incident should be handled in EGI
| style="color:#000;" | <div id="mp-tfa" style="padding:2px 5px">
'''Incident Handling'''


==== Incident Handling Site Checklist ====
[[EGI_CSIRT:TDG/Incident-handl | Suggestions]] on the way an incident should be handled in EGI
A useful [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/Site-Checklist checklist] for the main actions that should be performed by the site administrators and security teams in case of a security incident.


==== Incident Handling with RTIR ====
'''EMI Community Service Reference Cards'''
Incidents and follow up of all the security issues handled by the EGI-CSIRT (including the security service challenges) is done in EGI using a dedicated ticketing system called [[http://bestpractical.com/rtir/ RTIR]]. End users do not have direct access to the RTIR system, but can exchange messages using e-mail.
A comprehensive guide on the usage of RTIR can be found [http://www.ja.net/services/csirt/wp-content/uploads/rtir-incident-handling.pdf here]


==== EMI Community Service Reference Cards ====
The [https://twiki.cern.ch/twiki/bin/view/EMI/EMTSrcTemplate#SrcLinks Service Reference Cards] are a collection of short guides on the middleware services provided by the developers. Each card contains also a security paragraph with useful suggestions about configuration and operational procedures.
The [https://twiki.cern.ch/twiki/bin/view/EMI/EMTSrcTemplate#SrcLinks Service Reference Cards] are a collection of short guides on the middleware services provided by the developers. Each card contains also a security paragraph with useful suggestions about configuration and operational procedures.


==== Resource Access Control ====
'''Resource Access Control'''
[https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/Resource-Access How to control] the access to grid resources.


==== Monitoring ====
[[EGI_CSIRT:TDG/Resource-Access | How to control]] the access to grid resources.
[https://wiki.egi.eu/wiki/EGI_CSIRT:Monitoring Monitoring Tools] used in EGI-InSPIRE and recommended to the Resource Centers


==== Intrusion Detection and Integrity Checking ====
'''Monitoring'''
When correctly configured and tuned, Intrusion Detection Systems (IDS) and Integrity Checkers are very useful tools to promptly discover system compromise or even prevent it. In [https://wiki.egi.eu/wiki/EGI_CSIRT:TDG/IDS this section] some of the most used IDS are listed together with links to the documentation


==== Best Practices (General) ====
[[EGI_CSIRT:Monitoring | Monitoring Tools]] used in EGI-InSPIRE and recommended to the Resource Centers
A [https://wiki.egi.eu/wiki/EGI-CSIRT:TDG/best_pract collection] of small feeds and suggestions to improve the security of our sites.


== SPG (Security Policy Group) Official Documents for EGI ==
'''Intrusion Detection and Integrity Checking'''
 
When correctly configured and tuned, Intrusion Detection Systems (IDS) and Integrity Checkers are very useful tools to promptly discover system compromise or even prevent it. In [[EGI_CSIRT:TDG/IDS | this section]] some of the most used IDS are listed together with links to the documentation
 
'''Best Practices (General)'''
 
[[EGI-CSIRT:TDG/best_pract | A collection]] of small feeds and suggestions to improve the security of our sites.
|}
|}
 
{| width="100%"
|-
| style="width:50%; border: 1px solid rgb(221, 221, 221);; background: none repeat scroll 0% 0% rgb(249, 249, 249); vertical-align:top; color:#000;" |
{| width="100%" style="vertical-align: top; background: none repeat scroll 0% 0% rgb(249, 249, 249);"
|-
! style="padding:2px;background-color: lightgray;" |
<big>'''SPG (Security Policy Group) Official Documents for EGI'''</big>
 
|-
| style="color:#000;" | <div id="mp-tfa" style="padding:2px 5px">
The Security Policy Group (SPG) aims to provide policies that define the expected behaviour of sites and users to ensure a secure distributed computing infrastructure.
The Security Policy Group (SPG) aims to provide policies that define the expected behaviour of sites and users to ensure a secure distributed computing infrastructure.
The list of approved EGI policies can be found [[https://wiki.egi.eu/wiki/SPG:Documents here]]
The list of approved EGI policies can be found [[https://wiki.egi.eu/wiki/SPG:Documents here]]
</div>
|}
|}
{| width="100%"
|-
| style="width:50%; border: 1px solid rgb(221, 221, 221);; background: none repeat scroll 0% 0% rgb(249, 249, 249); vertical-align:top; color:#000;" |
{| width="100%" style="vertical-align: top; background: none repeat scroll 0% 0% rgb(249, 249, 249);"
|-
! style="padding:2px;background-color: lightgray;" |
<big>'''External Material'''</big>


== External Material ==
|-
=== ISSeG training material ===
| style="color:#000;" | <div id="mp-tfa" style="padding:2px 5px">
'''ISSeG Training Material'''


The project [http://isseg.web.cern.ch/ISSeG/home.htm Integrated Site Security for Grids (ISSeG)] produced [http://isseg-training.web.cern.ch/ISSeG-training/ training and dissemination] site. The site contains practical site security recommendations that are based on the lessons learnt from Integrated Site Security deployment at ISSeG target sites.
The project [http://isseg.web.cern.ch/ISSeG/home.htm Integrated Site Security for Grids (ISSeG)] produced [http://isseg-training.web.cern.ch/ISSeG-training/ training and dissemination] site. The site contains practical site security recommendations that are based on the lessons learnt from Integrated Site Security deployment at ISSeG target sites.
</div>
|}
|}
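Review bot: The SPG link in the new revision is still written as "[[https://wiki.egi.eu/wiki/SPG:Documents here]]", with double brackets around an external URL, which is why the rendered page shows "[here]" with literal brackets. Use single brackets, or "[[SPG:Documents | here]]" to match the internal-link form the other entries were converted to in this change. The id "mp-tfa" is also reused on every content div in the new layout and should be unique per element. The "Incident Handling Site Checklist" and "Incident Handling with RTIR" entries of the old revision have no counterpart in the new one; if that removal is intended, it should be stated in the edit summary.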

Latest revision as of 12:45, 6 June 2014



EGI-CSIRT Training and Dissemination Group (TDG)

The objective of the EGI-CSIRT Training and Dissemination Group is to raise security awareness among Grid users and Grid Resource Providers and to act as a collection point for best practices, tutorials and trainings, both internal and external to the EGI-InSPIRE project.

Training Events

Events Organized by the NGIs

Security events, tutorials and workshops are often organized inside the NGIs or international forums and contain useful information for the community. The material linked here has not officially been validated by the EGI-CSIRT and is provided as is for users' convenience.

Training Testbed

EGI CSIRT has implemented a Training Testbed which allows incident handling and forensics hands-on exercises to be run in a very realistic scenario.

Guides, Best Practices and Technical Advices

Incident Handling

Suggestions on the way an incident should be handled in EGI.

EMI Community Service Reference Cards

The Service Reference Cards are a collection of short guides on the middleware services provided by the developers. Each card also contains a security paragraph with useful suggestions about configuration and operational procedures.

Resource Access Control

How to control the access to grid resources.

Monitoring

Monitoring Tools used in EGI-InSPIRE and recommended to the Resource Centers.

Intrusion Detection and Integrity Checking

When correctly configured and tuned, Intrusion Detection Systems (IDS) and Integrity Checkers are very useful tools to promptly discover system compromise or even prevent it. In this section, some of the most used IDS are listed together with links to the documentation.

Best Practices (General)

A collection of small feeds and suggestions to improve the security of our sites.

SPG (Security Policy Group) Official Documents for EGI

The Security Policy Group (SPG) aims to provide policies that define the expected behaviour of sites and users to ensure a secure distributed computing infrastructure.

The list of approved EGI policies can be found at https://wiki.egi.eu/wiki/SPG:Documents.

External Material

ISSeG Training Material

The project Integrated Site Security for Grids (ISSeG) produced a training and dissemination site. The site contains practical site security recommendations that are based on the lessons learnt from Integrated Site Security deployment at ISSeG target sites.