For details on the EGI Computing Security Incident Response Team, EGI CSIRT, please refer to the EGI CSIRT website.
EGI Information Security Management ISM: EGI Federation Information Security policies and procedures.
Documentation covering the Incident Response
- SEC01 EGI CSIRT Security Incident Handling Procedure: procedure aiming at minimising the impact of security incidents by encouraging post-mortem analysis and promoting cooperation between Resource Centres.
- Forensics Howto: how to collect forensics data as part of incident response.
- Recovering after a security incident: general guidelines on how to recover after a security incident.
- Lessons learnt: the final step of Incident Response.
- Security Traceability and Logging: basic instructions to setup logging
Additional resources
- Server management guidelines: General guidelines for server deployment and management.
- Access control to compute and storage infrastructure: recommendations that a site may consider when implementing access control.
- CSIRT Contacts and CSIRT PGP key
- CSIRT Activities
- EGI-CSIRT Private wiki