EGI CSIRT

Computer Security Incident Response Team


MISSION

EGI CSIRT coordinates operational security activities within the EGI Infrastructure to deliver a secure and stable infrastructure, giving scientists and researchers the protection and confidence they require to safely and effectively carry out their research.

Find more about EGI CSIRT

CONTACTS

To report a security incident:

To report a software vulnerability:

  • report-vulnerability@egi.eu or use this web form
    (don’t discuss on open forums)

Or contact us via email

WHAT WE DO

  • Prevention of security incidents (security monitoring, software vulnerability handling, risk assessment and mitigation)
  • Incident response
  • Security policy and procedures
  • Security Trainings

Find out more about our activities

TRAININGS

Keeping the EGI infrastructure secure requires an understanding of attack and defense techniques that goes beyond the average skill set of system administrators. Security training is vital to guarantee that local teams are able to use available information for a complete incident response. EGI CSIRT has a diverse catalogue of training modules, developed by the team or by partner institutions.

PuTTY vulnerability vuln-p521-bias

PuTTY tools from 0.68 to 0.80 inclusive have a critical vulnerability in the code that generates signatures from ECDSA private keys which use the NIST P521 curve. PuTTY, or Pageant, generates a signature from a key when using it to authenticate you to an SSH server.)...

read more

CRITICAL risk Vulnerability in xz data compression tools

A CRITICAL risk vulnerability CVE-2024-3094 has been found in recent versions of xz data compression tools. Only a few Linux distributions use the versions affected, which does not include RHEL and its derivatives like RockyLinux and AlmaLinux. Hence most EGI sites...

read more
Trusted Introducer
EGI