egi – security training and dissemination mingchao ma stfc – ral, uk
TRANSCRIPT
![Page 1: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/1.jpg)
EGI – Security Training and Dissemination
Mingchao MaSTFC – RAL, UK
![Page 2: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/2.jpg)
Overview
• Web sites and mailing list
• Training materials– For system administrators– For trainers
• Security training events/workshops
www.eu-egi.eu 2
![Page 3: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/3.jpg)
Mailing Lists
• [email protected]• project-eu-egee-roc-security-
[email protected]• [email protected]• [email protected]• PROJECT-EGEE-SECURITY-
www.eu-egi.eu 3
![Page 4: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/4.jpg)
Mailing Lists in EGI• A catch-all mailing list for ALL NGI security
officers and their [email protected]
• EGI incident handling mailing listEGI-Security-CSIRTs@
• EGI security contacts mailing listEGI-Security-Contacts@
• EGI CSIRT team mailing list
![Page 5: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/5.jpg)
Other mailing lists• Security-support
– Answer GGUS ticket (assigned to security team)
• Security-Discussion– For general security discussion, not for
incident response, could include wider audiences
• EGI/NGI Duty-Contact– Similar to OSCT-DC rota
www.eu-egi.eu 5
![Page 6: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/6.jpg)
Web Sites
• OSCT public website– http://osct.web.cern.ch/osct/
• OSCT internal website– https://osct-internal.web.cern.ch/osct-internal/
• OSCT wiki– https://twiki.cern.ch/twiki/bin/view/LCG/OSCT-
EGEEIII-tasks
www.eu-egi.eu 6
![Page 7: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/7.jpg)
Web sites in EGI
• EGI CSIRT public web site
• EGI CSIRT Internal web site
• EGI CSIRT public and internal wiki
www.eu-egi.eu 7
![Page 8: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/8.jpg)
Mailing list and websites
• Maintenance
• Update
• Automatic tools (scripts) to propagate contact emails (from GOCDB) to various mailing list– Develop and maintain
www.eu-egi.eu 8
![Page 9: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/9.jpg)
Training Materials• Setup a central repository
– Copies of presentations and documents
• TRANSIT training materials– http://www.terena.org/activities/csirt-training/
• ENISA CERT exercise material and Live DVDs– https://www.enisa.europa.eu/act/cert/
support/exercise
• Best Practices/Guidelines etc.www.eu-egi.eu 9
![Page 10: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/10.jpg)
Training Workshops
• Training at EGI conference– Once a year
• Train the trainer event– ???
• Training events organized by NGI security officers
www.eu-egi.eu 10
![Page 11: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/11.jpg)
Required Efforts
• Webmaster to look after EGI CSIRT websites and wikis– a few hours/week– Assuming hardware/OS is maintained by
someone else
• Mailing list maintainer– Initial setup– Small effort for maintenance
www.eu-egi.eu 11
![Page 12: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/12.jpg)
Required Efforts
• To develop training materials– Expertise (not limited to the team)
• To host, coordinate, organize training events
• To give presentations/talks/demo/poster at conferences/workshops
• Participate training events as a trainer
www.eu-egi.eu 12
![Page 13: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/13.jpg)
Training and Dissemination Group
• One Coordinator– To lead the group and coordinate all training
and dissemination activities– Who wants to take the role?
• Contribution from NGI security officers (and other experts)– Express your interest NOW!
www.eu-egi.eu 13
![Page 14: EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK](https://reader035.vdocuments.us/reader035/viewer/2022070410/56649f185503460f94c2f207/html5/thumbnails/14.jpg)
EGI Geneva Workshop www.eu-egi.eu 14
http://www.eu-egi.eu