SCD Systems Division Security Workshop

Europe/London
    • 14:00 15:00
      Part 1: Preparation 1h
      • Introduction and Landscape
      • STFC and UKRI position
      • Security Culture
      • Case study, hypothetical "NewService" for "SomeProject"
        • Before the break, we will make preparations
          • Always better to start small and build
        • During the break this service will sadly be compromised
        • After the break: how do we respond?
      • Risk Assessment
      • Asset management and Service catalogue
      • Patching
      • Hardening
        • only install what's needed,
        • know what ports are open and why,
        • config management
      • Monitoring...
    • 16:00 17:00
      Part 2: Response 1h
      • NewService has been compromised!

        • First steps: Incident Response Procedure
        • Who do they talk to?
        • What do they do?
        • What documentation should someone gather?
      • Case Study: What does an incident look like?

        • Service view
        • CSIRT view
        • Reporting and post mortem