Skip to content

Security Incident Response

Following our Security Incident Response Procedure, which is part of the Helmholtz AAI Policies, Helmholtz AAI operates a central mailing list for incident response:

  • This is the Infrastructure Security Contact point, which is open for anybody to post.

Subscribers to this list are e.g.:

  • Contacts for the SP-IdP-Proxy (Unity @ FZJ)
  • HIFIS Cluster Contacts


  • Service’s site-security contacts (i.e. CERTs of participating sites)

In case of an incident, this Infrastructure Security Contact point will appoint and collaborate with the relevant Security Incident Response Coordinator(s) for the given incident.


The Helmholtz AAI uses SIRTFI, the Security Incident Response Trust Framework for Federated Identity, to communicate and collaborate with other organisations and instances, which are involved in the security incident.