EGI Core activities:2015-bidding Security Incident Response Coordination

From EGIWiki
Revision as of 19:11, 20 February 2015 by Krakow (talk | contribs)
Jump to: navigation, search


Go back to the activity list.

  • Service name: Security Incident Response Coordination
  • Service category: Operations
  • Service type: Coordination

Security Incident Response Coordination is part of Security Coordination service in the EGI.eu coordination function.

Introduction

Security is recognised as an important aspect of e-Infrastructures and requires co-ordination between the EGI participants at various levels, in particular for the prevention and handling of incidents.

Technical description

This service includes the following components.

Security Incident Response Coordination

Coordination of incident response activities in collaboration with the Incident Response Task Force. The primary responsibility for basic incident response and forensics still lies with each NGI, while the EGI Global IRTF will coordinate incident response and information exchange. For complex multi-site incidents and in cases where advanced forensics is needed, the EGI Global IRTF will step in and take an active part, to protect the continued integrity of the EGI infrastructure as a whole. Validation of EGI Global incident response capability is done by coordinating security service challenges that both assess readiness of infrastructure operations and verify adequate traceability features in the software used. This task will also liaise with other CSIRTs via for example TF-CSIRTS and FIRST.