9-11 October 2018
Lisbon
Europe/Lisbon timezone

Security Incident Management in the EOSC era Part-1

11 Oct 2018, 11:30
1h 30m
Room C103 (Lisbon)

Room C103

Lisbon

ISCTE, University of Lisbon

Speaker

Daniel Kouril (CESNET)

Description

The security training proposed here would be split into two sessions, focusing on different areas of incident handling. An important area that will be highlighted is the close collaboration of experts necessary for the successful resolution of a security incident in the EOSC era The first session targets the more technically oriented attendees. Here, after an introduction to forensics, the participants will have to analyse images provided by a security team of a FedCloud site. The results of the investigations will be used as input for the second session, where the case will be handled within a role-play involving the various service providers active in the EOSC-Hub project, including identity providers, SIRTFI, the service catalogue, and the infrastructures coordinated by EGI and EUDat. The goals of this training are twofold. Firstly, the collaboration of project members with a managerial background and those with a technical background will be explored. The second goal is to examine the existing set of policies and procedures to challenge them and identify possible issues. It is hoped that this will help to prioritize the security related activities within the EOSC-hub project.

Summary

Hands on training. This first session focuses on the technical aspects of incident response. After an introduction to forensics, the participants will analyse Virtual Machine disk images.

In the wrap up the used techniques will be discussed, and the key findings transformed into a report, which will be used as the starting point in the second session (table top, roleplay). Where the higher level aspects of security incident response will be addressed.

Type of abstract Training Session

Primary authors

Daniel Kouril (CESNET) Dr David Crooks (UG) David Groep (NIKHEF) Dr Sven Gabriel (NIKHEF) Urpo Kaila (CSC) Vincent Brillault (CERN)

Presentation Materials

There are no materials yet.