Description
Threat intelligence and Security Operations Centres
In the current research and education environment, the threat from cybersecurity attacks is acute, having grown in recent years. We must collaborate as a community to defend and protect ourselves. Efficient collaboration and response require both the use of detailed, timely and accurate threat intelligence alongside fine-grained networking monitoring. In this session, we explore aspects both of sharing appropriate intelligence and the conceptual design of a security operations centre, including recent work towards a SOC environment appropriate for cloud infrastructures.
Security of OIDC deployments
We can see services, users, and infrastructures migrating to OIDC or already using the technology. We will welcome site and services administrators, VO managers and users, developers, and security experts. We want to trigger discussions about the security implications of the new technology, the level of readiness, changes in the habits of users, and the overall impact on security operations and incident response.
SSC Forensics Walkthrough
We will describe the recent Security Service Challenge (SSC) that enabled several EGI partners to investigate a simulated large-scale incident. After summarising the whole activity, we will present the essentials of digital forensics, focusing on collecting and analysing artefacts that could be observed during the SSC run.
SSC Forensics Walkthrough
We will describe the recent Security Service Challenge (SSC) that enabled several EGI partners to investigate a simulated large-scale incident. After summarising the whole activity, we will present the essentials of digital forensics, focusing on collecting and analysing artefacts that could be observed during the SSC run.
