SVG:SVG More Information

From EGIWiki
Jump to: navigation, search
Main page Software Security Checklist Issue Handling Advisories Notes On Risk Advisory Template More

SVG More Information


Some of this information is old and will be updated/revised

Risk Assessment Team

The EGI SVG Risk Assessment Team or "RAT" is the group of people who co-ordinate the SVG issue handling process and along with the Deployment Expert Group (DEG) carry out most of the work to investigate and assess vulnerabilities reported to the EGI Software Vulnerability Issue handling process.

RAT/Membership

Deployment Expert Group

The Deployment Expert Group or DEG helps ensure that vulnerabilities the ever increasingly inhomogeneous infrastructure are handled suitably.

Documents

Some links to Documents related to SVG

Vulnerability Assessment

This is work which was carried out to investigate whether software contained vulnerabilities.

While there is no team in EGI or EOSC doing this work at present (June 2020), we refer to past activities and other activities being carried out.

Vulnerability Assessment

Secure coding

Some information on Secure Coding

SVG members

Info for SVG members

Various views and responsibilities in issue handling process

Note this is old and will be revised.

From here we link to more information on the EGI Vulnerability Issue handling from various points of view.


The Reporters View summarises the process and responsibilities from the Reporters point of view.

The SVG View summarises the process and responsibilities from the SVG point of view.

The Software Providers View summarises the process and responsibilities from the Software Providers point of view.

The EGI MW Unit View summarises the process and responsibilities from the EGI Middleware Unit's view.

The Deployment View summarises the process and responsibilities of the NGIs and Sites deploying the Middleware in the EGI infrastructure.

Some Notes On Risk are also available

The approved issue handling

  • EGI Software Vulnerability Issue Handling Process describes the process in detail. This has been updated and was approved by the EGI Operations Management Board on 17th December 2015, this was further updated and approved by the EGI OMB in November 2017.


| Issue Handling Summary | Reporters | SVG View | Software Providers | EGI MW Unit | Deployment | Notes on Risk |