CTSC provides situational awareness of the current cyber threats to the research and education environment, including those that impact scientific instruments, by providing timely email notifications about relevant software vulnerabilities. CTSC staff filter the constant stream of new software vulnerabilities to 1) determine which vulnerabilities are relevant to the NSF cyberinfrastructure community and 2) provide clear guidance on actions that operators and developers can take to reduce risks and mitigate threats.
CTSC's situational awareness activity uses the following email lists:
- ctsc-announce-inf-l - announcements for CI operators (most notifications go here)
- ctsc-announce-sw-l - announcements for CI software developers (when applicable)
- ctsc-discuss-l - general security discussion
Please use the links above to subscribe to the relevant email lists.
The potential impact of any vulnerability, and therefore the appropriate response, depends in part on operational conditions that are unique to each cyberinfrastructure deployment. CTSC can not provide a one-size-fits-all severity rating and response recommendation for all NSF cyberinfrastructure. Please contact us if you need assistance with assessing the potential impact of a vulnerability in your environment and/or you have additional information that should be shared with the community.