As part of its service to the NSF cybersecurity community, CTSC provides situational awareness of current cybersecurity threats to the cyberinfrastructure (CI) of research and education centers, including those threats which may impact scientific instruments. This service is available to all CI community members by subscribing to CTSC’s mailing lists.
- ctsc-announce-inf-l (https://list.indiana.edu/sympa/info/ctsc-announce-inf-l) : Announcements for CI operators (most notifications go here)
- ctsc-announce-sw-l (https://list.indiana.edu/sympa/info/ctsc-announce-sw-l) : Announcements for CI software developers (when applicable)
- ctsc-discuss-l (https://list.indiana.edu/sympa/info/ctsc-discuss-l) : General security discussion
CTSC staff members monitor several sources for possible threats to CI, including:
CTSC staff filter these sources for software vulnerabilities which we believe may be of interest to CI operators and software developers. For those issues which warrant notification to the CTSC mailing lists, we also attempt to provide guidance on how operators and developers can reduce risks and mitigate threats.
CTSC cannot provide a one-size-fits-all severity rating and response recommendation for all NSF CI. Please contact us at http://trustedci.org/help for assistance with assessing the potential impact of a vulnerability in your environment or to provide feedback on our service (for example, on the sources we monitor or on the software of interest to your CI).