The HDF5 SHINES (NSF-Safe-OSE: Strengthening HDF5 for Science, Industry, and National Security Applications) project was launched with a clear mission: to harden the HDF5 ecosystem for the demands of modern science and national security. We are proud to introduce the dedicated team responsible for executing the security arm of that mission: The HDF Group Product Security Incident Response Team (PSIRT).
While HDF5 SHINES provides the roadmap and resources for a more secure infrastructure, the PSIRT serves as the human front line. Led by Glenn Song, the team is tasked with proactively identifying, investigating, and resolving security vulnerabilities.
The PSIRT is the formal body that operationalizes our Vulnerability Disclosure Policy found at https://ssp.hdfgroup.org/. By centralizing our security response, we ensure the HDF5 library remains a trusted foundation for thousands of organizations worldwide.
“Our priority is providing a clear, transparent pipeline for security researchers to work with us, ensuring HDF5 remains the gold standard for data integrity.” — Glenn Song, PSIRT Lead.
This material is based upon work supported by the U.S. National Science Foundation under Federal Award No. 2534078. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.