towards a sustainable infrastructure

Jump to Menu

Software Vulnerability Group


Linda Cornwall

STFC Rutherford Appleton Laboratory (UK)


The goal of the Software Vulnerability Group (SVG) is to eliminate existing software vulnerabilities from the deployed infrastructure and prevent the introduction of new ones, thus reducing the likelihood of security incidents.

Main tasks  

  • Provide an efficient process to report, handle, and resolve software vulnerabilities found in middleware.

  • Provide consultation on software vulnerabilities to the CSIRT team and other EGI groups.

  • Collaborate with other partners to assess software provided in the EGI Unified Middleware Distribution and to look for vulnerabilities.

  • Encourage developers to write secure code, thus reducing the likelihood of future problems, by education and awareness.

If you find, or think you have found a vulnerability  


  • Discuss on a mailing list – especially if it has an open subscription or if it is publicly archived

  • Post the information online or publicise the vulnerability in any way – this may provide useful data to the attacker.


  • Report it to report-vulnerability (at)



Active policy groups