Cyberinfrastructure Vulnerabilities

Trusted CI provides situational awareness of the current cyber threats to the research and education environment, including those that impact scientific instruments, by providing timely email notifications about relevant software vulnerabilities. Trusted CI staff filter the constant stream of new software vulnerabilities to 1) determine which vulnerabilities are relevant to the NSF cyberinfrastructure community and 2) provide clear guidance on actions that operators and developers can take to reduce risks and mitigate threats.

Trusted CI tracks notifications from multiple sources including US-CERT and REN-ISAC.

The potential impact of any vulnerability, and therefore the appropriate response, depends in part on operational conditions that are unique to each cyberinfrastructure deployment. Trusted CI can not provide a one-size-fits-all severity rating and response recommendation for all NSF cyberinfrastructure. Please contact us if you need assistance with assessing the potential impact of a vulnerability in your environment and/or you have additional information that should be shared with the community.

Subscribe To Receive Alerts

• cv-announce@trustedci.org - Announcements of CI vulnerabilities for both CI operators and software developers

• View the public archive for the Cyberinfrastructure Vulnerabilities Announcement List

Report Vulnerabilities to Trusted CI

• alerts@trustedci.org - Found a CI vulnerability? Let us know!