Skip to main content

Maintain Secure Web Applications

In honor of National Cyber Security Awareness Month, a reminder that university policy requires that web application managers scan, identify, and resolve critical vulnerabilities by performing a vulnerability scan before apps are first launched and every time there's a major upgrade or change. Easy-to-use services available from the IT Security Office (ITSO) can identify and fix potential problems before launch and prevent websites and web applications from becoming a target for criminals looking for ways to break in.

Apps must:

  • Handle data securely.
  • Be free of critical vulnerabilities.
  • Not collect or store any information they’re not allowed to.

The IT Security Office provides services that can help you with these tasks. They include:

  • Scan on Demand, an easy-to-use, web-based, feature-rich, and up-to-date general-purpose vulnerability scanner.
  • IT staff access to a web-based vulnerability scanning utility, AppSpider, also easy to use, feature-rich, and current with the latest vulnerability scanning signatures.
  • On-request scans of networks, websites, or applications.

For more information, see Vulnerability Scanning.

SANS provides a checklist of best practices on securing web application technologies.

Was this page helpful?

Your feedback helps improve the site.