Difference between revisions of "ROD Security"

From EGIWiki
Jump to: navigation, search
 
(2 intermediate revisions by one other user not shown)
Line 1: Line 1:
 
{{Template:Op menubar}} {{Template:GO menubar}} {{TOC_right}}  
 
{{Template:Op menubar}} {{Template:GO menubar}} {{TOC_right}}  
[[Category:Grid_Oversight]]
+
[[Category:Infrastructure_Oversight]]
 
=Security=
 
=Security=
  
* Day to day operational security issues are handled by [[EGI_CSIRT:IRTF ]].
+
Sites facing or suspecting a security incident on their resources have to follow Incident Handling Procedure:
* Sites facing or suspecting a security incident on their resources are encouraged to contact IRTF according to the EGI [[https://documents.egi.eu/public/RetrieveFile?docid=47 security incident procedure]].
+
* https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting
  
* New vulnerability issues of the middleware should be handled as defined in the EGI [[https://documents.egi.eu/public/RetrieveFile?docid=47 vulnerability issue handling procedure]].
+
New vulnerability issues of the middleware should be handled as defined in the EGI
 +
* https://documents.egi.eu/document/717
 +
with a guide what to do when You find a vulnerability:
 +
* https://wiki.egi.eu/wiki/SVG#What_to_do_if_you_find_a_Software_Vulnerability_in_the_EGI_infrastructure
  
Details and up-to-date versions of these security procedures can be found at EGI-CSIRT wiki [[EGI_CSIRT:Policies]].
+
Sites having critical vulnerabilities are handled according to EGI Critical Vulnerability Handling Procedure, and if they do not respond properly, they may face suspension.
 +
* https://documents.egi.eu/document/283

Latest revision as of 14:51, 23 October 2014

Main EGI.eu operations services Support Documentation Tools Activities Performance Technology Catch-all Services Resource Allocation Security


EGI Infrastructure Operations Oversight menu: Home EGI.eu Operations Team Regional Operators (ROD) 


Contents

Security

Sites facing or suspecting a security incident on their resources have to follow Incident Handling Procedure:

New vulnerability issues of the middleware should be handled as defined in the EGI

with a guide what to do when You find a vulnerability:

Sites having critical vulnerabilities are handled according to EGI Critical Vulnerability Handling Procedure, and if they do not respond properly, they may face suspension.