In the security workshop, we will cover the latest developments in security for EGI and related infrastructures. We will focus on three key areas.
It is possible to attend only one (or two) of the sessions.
Threat intelligence and Security Operations Centres
09:00 – 10:00
In the current research and education environment, the threat from cybersecurity attacks is acute, having grown in recent years. We must collaborate as a community to defend and protect ourselves. Efficient collaboration and response require both the use of detailed, timely and accurate threat intelligence alongside fine-grained networking monitoring. In this session, we explore aspects both of sharing appropriate intelligence and the conceptual design of a security operations centre, including recent work towards a SOC environment appropriate for cloud infrastructures.
Security of OIDC deployments
10:15 – 11:15
We can see services, users, and infrastructures migrating to OIDC or already using the technology. We will welcome site and services administrators, VO managers and users, developers, and security experts. We want to trigger discussions about the security implications of the new technology, the level of readiness, changes in the habits of users, and the overall impact on security operations and incident response.
SSC Forensics Walkthrough
11:30 – 16:00 (lunch break : 13:00 – 14:00)
We will describe the recent Security Service Challenge (SSC) that enabled several EGI partners to investigate a simulated large-scale incident. After summarising the whole activity, we will present the essentials of digital forensics, focusing on collecting and analysing artefacts that could be observed during the SSC run.
This training session is led by:
- Daniel Kouril (CESNET)
- Sven Gabriel (NIKHEF)
- David Crooks (STFC)
- Baptiste Grenier (EGI)