SVG:SVG More Information
|Main page||Software Security Checklist||Issue Handling||Advisories||Notes On Risk||Advisory Template||More|
SVG More Information
Some of this information is old and will be updated/revised
Risk Assessment Team
The EGI SVG Risk Assessment Team or "RAT" is the group of people who co-ordinate the SVG issue handling process and along with the Deployment Expert Group (DEG) carry out most of the work to investigate and assess vulnerabilities reported to the EGI Software Vulnerability Issue handling process.
Deployment Expert Group
The Deployment Expert Group or DEG helps ensure that vulnerabilities the ever increasingly inhomogeneous infrastructure are handled suitably.
Some links to Documents related to SVG
This is work which was carried out to investigate whether software contained vulnerabilities.
While there is no team in EGI or EOSC doing this work at present (June 2020), we refer to past activities and other activities being carried out.
Some information on Secure Coding
Various views and responsibilities in issue handling process
Note this is old and will be revised.
From here we link to more information on the EGI Vulnerability Issue handling from various points of view.
The Reporters View summarises the process and responsibilities from the Reporters point of view.
The SVG View summarises the process and responsibilities from the SVG point of view.
The Software Providers View summarises the process and responsibilities from the Software Providers point of view.
The EGI MW Unit View summarises the process and responsibilities from the EGI Middleware Unit's view.
The Deployment View summarises the process and responsibilities of the NGIs and Sites deploying the Middleware in the EGI infrastructure.
Some Notes On Risk are also available
The approved issue handling
- EGI Software Vulnerability Issue Handling Process describes the process in detail. This has been updated and was approved by the EGI Operations Management Board on 17th December 2015, this was further updated and approved by the EGI OMB in November 2017.