Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "SVG:SVG"

From EGIWiki
Jump to navigation Jump to search
Line 19: Line 19:


== What to do if you find a Software Vulnerability in the EGI infrastructure ==
== What to do if you find a Software Vulnerability in the EGI infrastructure ==
'''DO NOT''' discuss on a mailing list - especially one with an open subsription policy or public archive
'''DO NOT''' post information on a web page
'''DO NOT''' publicise in any way - e.g. to the media
'''IMMEDIATELY Report it to report-vulnerability (at) egi.eu'''

Revision as of 16:56, 30 September 2010

Software Vulnerability Group (SVG)

The purpose of the EGI Software Vulnerability Group is to eliminate existing vulnerabilities from the deployed infrastructure, primarily from the grid middleware, prevent the introduction of new ones and prevent security incidents

Main Tasks of the EGI Software Vulnerability Group

  • Provide an efficient process to report, handle, and resolve software vulnerabilities found in middleware.

This is expected to be the largest activity of the EGI SVG.

  • Provide consultation on software vulnerabilities to the CSIRT team and other EGI groups.
  • Collaborate with other partners to assess software provided in the EGI Unified Middleware Distribution and to look for vulnerabilities.
  • Encourage developers to write secure code, thus reducing the likelihood of future problems, by education and awareness.

What to do if you find a Software Vulnerability in the EGI infrastructure

DO NOT discuss on a mailing list - especially one with an open subsription policy or public archive

DO NOT post information on a web page

DO NOT publicise in any way - e.g. to the media

IMMEDIATELY Report it to report-vulnerability (at) egi.eu