...
Also see the CSIRT Incident reporting
Several people are in both the EGI Incident Response Task Force as well as the Software Vulnerability group, so sending to either will probably get forwarded fairly quickly to the right people.
...
This is undergoing revision at time of writing, to cope with the increased inhomogeneity of the infrastructure.
Other activities
Vulnerability Assessment is the proactive examination of software in order to find vulnerabilities that may exist. At present there is no funding to carry out this activity.
...