Maintain Secure Web Applications
In honor of National Cyber Security Awareness Month, a reminder that university policy requires that web application managers scan, identify, and resolve critical vulnerabilities by performing a vulnerability scan before apps are first launched and every time there's a major upgrade or change. Easy-to-use services available from the IT Security Office (ITSO) can identify and fix potential problems before launch and prevent websites and web applications from becoming a target for criminals looking for ways to break in.
- Handle data securely.
- Be free of critical vulnerabilities.
- Not collect or store any information they’re not allowed to.
The IT Security Office provides services that can help you with these tasks. They include:
- Scan on Demand, an easy-to-use, web-based, feature-rich, and up-to-date general-purpose vulnerability scanner.
- IT staff access to a web-based vulnerability scanning utility, AppSpider, also easy to use, feature-rich, and current with the latest vulnerability scanning signatures.
- On-request scans of networks, websites, or applications.
For more information, see Vulnerability Scanning.
SANS provides a checklist of best practices on securing web application technologies.