Difference between revisions of "SVG:SVG More Information"
(One intermediate revision by the same user not shown) | |||
Line 7: | Line 7: | ||
[[ SVG:RAT | RAT/Membership ]] | [[ SVG:RAT | RAT/Membership ]] | ||
==Revised Scope== | |||
[[SVG:Scope |Scope]] | |||
==Deployment Expert Group== | ==Deployment Expert Group== | ||
Line 19: | Line 23: | ||
This is work which was carried out to investigate whether software contained vulnerabilities. | This is work which was carried out to investigate whether software contained vulnerabilities. | ||
While there is no team in EGI or EOSC doing this work at present (June 2020), we refer to past activities and other activities being carried out. | |||
[[ SVG:Vulnerability Assessment | Vulnerability Assessment ]] | [[ SVG:Vulnerability Assessment | Vulnerability Assessment ]] |
Latest revision as of 20:40, 19 October 2020
Main page | Software Security Checklist | Issue Handling | Advisories | Notes On Risk | Advisory Template | More |
SVG More Information
Some of this information is old and will be updated/revised
Risk Assessment Team
The EGI SVG Risk Assessment Team or "RAT" is the group of people who co-ordinate the SVG issue handling process and along with the Deployment Expert Group (DEG) carry out most of the work to investigate and assess vulnerabilities reported to the EGI Software Vulnerability Issue handling process.
Revised Scope
Deployment Expert Group
The Deployment Expert Group or DEG helps ensure that vulnerabilities the ever increasingly inhomogeneous infrastructure are handled suitably.
Documents
Some links to Documents related to SVG
Vulnerability Assessment
This is work which was carried out to investigate whether software contained vulnerabilities.
While there is no team in EGI or EOSC doing this work at present (June 2020), we refer to past activities and other activities being carried out.
Secure coding
Some information on Secure Coding
SVG members
Various views and responsibilities in issue handling process
Note this is old and will be revised.
From here we link to more information on the EGI Vulnerability Issue handling from various points of view.
The Reporters View summarises the process and responsibilities from the Reporters point of view.
The SVG View summarises the process and responsibilities from the SVG point of view.
The Software Providers View summarises the process and responsibilities from the Software Providers point of view.
The EGI MW Unit View summarises the process and responsibilities from the EGI Middleware Unit's view.
The Deployment View summarises the process and responsibilities of the NGIs and Sites deploying the Middleware in the EGI infrastructure.
Some Notes On Risk are also available
The approved issue handling
- EGI Software Vulnerability Issue Handling Process describes the process in detail. This has been updated and was approved by the EGI Operations Management Board on 17th December 2015, this was further updated and approved by the EGI OMB in November 2017.
| Issue Handling Summary |
Reporters |
SVG View |
Software Providers |
EGI MW Unit |
Deployment |
Notes on Risk |