Operational procedures

EGI Critical Vulnerability Handling Procedure

The "EGI Critical Vulnerability Handling Procedure" defines the procedure for dealing with Critical Security Issues where action needs to be taken by a single site or multiple sites.

After a problem has been assessed as critical, and a solution is available, then sites are required to take action. This document primarily defines the procedure from this time, where sites are asked to take action, and what steps are taken if they do not respond or do not take action. If a site fails to take action, this may lead to site suspension.

The last approved version of the procedure can be found here

Security Incident Handling Procedure

The EGI-CSIRT (EGI Computer Security Incident Response Team) has produced this document with the aim to minimize the impact of security incidents, to encourage post-mortem analysis and to promote the cooperation between the sites.

The Security Incident Handling Procedure defines site and incident coordinator responsibilities when handling Grid-related security incident. ALL EGI sites are required to follow this procedure to report and handle Grid-related security incident. We strongly encourage the security contacts and system administrators to have a printing copy of this procedure.

The official document can be found here

Two other documents are available that can help the security contacts and administrators to follow the correct procedure:

Other useful Links:

  • GOC-DB Central Grid Database - To search for the administrators and security officers of a Grid site.
  • CIC-Portal VO Selection Form - To search for the VO managers and contacts.
  • EuGridPMA CA Search Form - To search for the issuer CA of a given certificate
  • GARR-CERT: Email address - To contact the GARR Computer Emergency Response Team
  • GARR-CERT Incident Reporting Form - To report an incident to the GARR-CERT
  • GARR APM (Access Point Manager) Search - To search for an APM contact email