Trusted CI helps FABRIC build secure scientific infrastructure

Trusted CI has posted a new success story on its collaboration with FABRIC, a national-scale testbed that is providing a new research infrastructure enabling scientists to share massive amounts of data. As FABRIC was being built in 2021, project leaders turned to Trusted CI, the NSF Cybersecurity Center of Excellence, to ensure they designed security into the project from the beginning. FABRIC continues its involvement with Trusted CI as a member of the Research Infrastructure Security Community. The cohort offers an opportunity to share challenges and solutions with others in the same research space. 

CCoE Webinar Sept. 25th 11am ET: Demystifying Threat Intelligence

CERN's Romain Wartel is presenting the talk "Demystifying Threat Intelligence" on September 25th at 11am (Eastern).

Please register here. Be sure to check spam/junk folder for registration confirmation with attached calendar file.

Threat intelligence has become a very popular keyword among security professionals in the recent years. What is this all about? Is this a service for sale or rather an intangible asset resulting from a trust relationship? Every organization is seeking relevant and target intelligence, ideally at little to no cost and yielding no false-positives. What are the myths and realities? Is threat intelligence a worthy investment? Is it more suitable to favor local or global sources? Are there services or tools that can facilitate threat intelligence management. Beyond obtaining information, an often overlooked aspect are the challenges linked with building the ability to take promptly and effectively action based on specific intelligence. Making good use of threat intelligence is what makes its value, but this requires time and efforts. Yet, a well-designed threat intelligence management and flow may in fact be the only realistic and affordable strategy for our community to mitigate sophisticated threats or well-funded attackers on a daily basis.

More information about this presentation is on the event page.
Presentations are recorded and include time for questions with the audience.

Join CTSC's discuss mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

OSG article on their use of Pakiti to manage patching

An important part of operating a trustworthy cyberinfrastructure software stack is managing security patches for that software. Kevin Hill of the OSG Security team wrote an article in the February OSG Newsletter on OSG's use of Pakiti. Kevin's article follows (republished with permission).

Introducing Patiki

Pakiti is a Web-based application you can set up for your site that summarizes the patching status of machines at your site. Pakiti also knows about security specific updates, and can show which systems need security updates vs. other software updates, as well as link to the relevant CVEs to easily see which vulnerabilities apply to your systems and how critical these vulnerabilities are. CVE (Common Vulnerabilities and Exposure) is a dictionary of publicly known information security vulnerabilities and exposures kept by mitre.org. Pakiti does not install any updates itself.

Pakiti was developed at CERN, and is now available in the OSG v3 software release. The OSG security team has been running a central Pakiti server to monitor a few different hosts at various sites, and now any OSG site can set up their own Pakiti server without making their sites’ vulnerability information available off site. The Pakiti client that is installed on monitored systems is a simple bash script that should not interfere with normal operations. The data sent to your site's Pakiti server is essentially the output of 'rpm -qa', as well as the operating system release version.

The Pakiti homepage is http://pakiti.sourceforge.net. OSG-specific installation instructions are available at: https://twiki.grid.iu.edu/bin/view/Documentation/Release3/PakitiInstallation

~Kevin Hill, OSG Security Team

Control systems security at CERN

Interesting article on control systems security at CERN and the steps they have taken with regards to cybersecurity in light of Stuxnet and similar malware.