Contact
Questions? Comments? Interested in learning more about how Trusted CI can help with your project?
Please reach out to us at info [at] trustedci.org and we'll get back to you as soon as we can.
Trusted CI Director Sean Peisert can be reached at: sppeisert@lbl.gov.
Watch past webinars, seminars, and events on our YouTube channel.
Trusted CI Newsletter
Stay informed! We rely on the Trusted CI Announce List to provide the community with timely cybersecurity news and event alerts.
-
Trusted CI has the following email lists to aid members of our communities and others interested in cybersecurity get timely news about cybersecurity incidents impacting widely-used software or services. The Trusted CI Compliance Resources webpage also has a link to the HigherEdCUI Slack channel.
We use the Trusted CI Announce List to communicate about timely cybersecurity related events and news of interest to the community at large. This is a low-volume list that does not support discussions.
Subscribe to the Trusted CI Announce List
The Trusted CI Security Discussion List is for anyone in the community with questions about security or for discussions about cybersecurity (e.g. Trusted CI may discuss the severity of a vulnerability on this list before announcing it on the other two lists). Unlike the announcement lists, discussion is encouraged. Traffic to this list is currently pretty low, but may change based on community interest and needs.
Subscribe to the Trusted CI Discussion List
To email the Trusted CI Discussion List, please send email to discuss@trustedci.org. (Posting is moderated and limited to subscribers.)
Archives of the Trusted CI Discussion List are viewable only by list members (requires authentication).
The Trusted CI Cybersecurity Vulnerabilities mailing list has been retired in favor of “The OmniSOC Community Advisory”, a semi-monthly newsletter highlighting current events and information security news aimed at the cyberinfrastructure community. To subscribe, send an email to omnisoc-community-advisory-l-subscribe@iu.edu .
The archive of previously announced vulnerabilities (before April 2024) is available at Cyberinfrastructure Vulnerabilities Announcement List.
Here are a few other CVE/vulnerability announcement lists which may be of interest.
-
If you would like to report an incident of a sensitive nature to Trusted CI, contact us at info [at] trustedci.org and let us know that you have sensitive information to send and we will respond to you with instructions about how to send us the information securely.
-
The mission of Trusted CI is to ensure NSF cyberinfrastructure (CI) projects get the guidance they need regarding their cybersecurity challenges. From quick questions to collaborative engagements lasting months, Trusted CI tackles challenges of all sizes. This includes:
Getting started - You're running a project and you don't know if you have any cybersecurity issues. Or maybe you have something that makes you nervous, but you don't know where to start.
Asking specific questions - e.g., Should I being using OpenID or Shibboleth? What's a good tool for IDS? How do I check my code for security vulnerabilities?
Helping with cybersecurity planning in developing a program.
Assessing an existing cybersecurity program.
Is the piece of software secure? Maybe you want a user community to adopt your software but they aren't sure it's secure enough for them. An independent assessment can help.
Designing or reviewing a security feature of my software - e.g., you need to allow one user to authorize another user to access their data in a way that doesn't cause your PI to lose sleep about data privacy.
Maybe you are developing a new cybersecurity tool or researching a new technique and are looking for someone who could benefit from it.
Trusted CI can help with any of these things (or anything related to cybersecurity for NSF CI projects). Feel free to send email to ask@trustedci.org (please identify what NSF project your query is regarding in your email). NSF CI projects are also welcome to join our email lists and ask questions of Trusted CI staff and other projects there. If you are in the proposal-writing stage, please visit Including Trusted CI in a Proposal.
Privacy statement: Trusted CI is funded by the NSF and hence needs to report on who we help. We also like to help as many people as we can when we answer your question. When we report to NSF, we will include that we helped your project. We may also sanitize your question and post it and our answer to our blog. If you have any concerns about the privacy of your question, please state this when you ask.