Difference between revisions of "ROD Security"

From EGIWiki
Jump to: navigation, search
Line 3: Line 3:
 
=Security=
 
=Security=
  
* Day to day operational security issues are handled by [[EGI_CSIRT:IRTF ]].
+
Sites facing or suspecting a security incident on their resources have to follow Incident Handling Procedure:
* Sites facing or suspecting a security incident on their resources are encouraged to contact IRTF according to the EGI [[https://documents.egi.eu/public/RetrieveFile?docid=47 security incident procedure]].
+
* https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting
  
* New vulnerability issues of the middleware should be handled as defined in the EGI [[https://documents.egi.eu/public/RetrieveFile?docid=47 vulnerability issue handling procedure]].
+
New vulnerability issues of the middleware should be handled as defined in the EGI
 +
* https://documents.egi.eu/document/717
 +
with a guide what to do when You find a vulnerability:
 +
* https://wiki.egi.eu/wiki/SVG#What_to_do_if_you_find_a_Software_Vulnerability_in_the_EGI_infrastructure
  
Details and up-to-date versions of these security procedures can be found at EGI-CSIRT wiki [[EGI_CSIRT:Policies]].
+
[dodatkowa pozycja]
 +
Sites having critical vulnerabilities are handled according to EGI Critical Vulnerability Handling Procedure, and if they do not respond properly, they may face suspension.
 +
* https://documents.egi.eu/document/283

Revision as of 09:43, 13 February 2013

Main EGI.eu operations services Support Documentation Tools Activities Performance Technology Catch-all Services Resource Allocation Security


EGI Infrastructure Operations Oversight menu: Home EGI.eu Operations Team Regional Operators (ROD) 


Contents

Security

Sites facing or suspecting a security incident on their resources have to follow Incident Handling Procedure:

New vulnerability issues of the middleware should be handled as defined in the EGI

with a guide what to do when You find a vulnerability:

[dodatkowa pozycja] Sites having critical vulnerabilities are handled according to EGI Critical Vulnerability Handling Procedure, and if they do not respond properly, they may face suspension.