Vulnerability Management

Vulnerability management is a proactive approach to managing network and computer security. It involves identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities in SDSU systems and software. Vulnerabilities are common and arise from software flaws, bugs, or insecure system configurations and settings.

What tools and services does the University use for vulnerability tracking?

We use a combination of scanning tools and testing methods. These tools scan our network and systems to find known vulnerabilities.

Qualys Vulnerability Management Platform:

  • Used for vulnerability scanning, web application scanning, and asset management.
  • Offers an installable agent that reports up-to-date details on server vulnerabilities without the need to scan.
  • Scans university web applications for known vulnerabilities.
  • University assets are categorized by department, and ranked according to risk.

University of Texas at Austin:

  • The Dorkbot Scanner was created by the Information Security department at UT and is used for web application scanning.
  • This scanning is provided at no cost to SDSU.

The Shadowserver Foundation:

  • Shadowserver provides regular vulnerability scanning of internet-facing systems.
  • This scanning is provided at no cost to SDSU.

Cybersecurity and Infrastructure Security Agency:

  • CISA offers vulnerability scanning services to assist federal agencies and other partners in identifying and mitigating vulnerabilities in their networks.
  • Regularly scans internet-facing systems for vulnerabilities and reports them.
  • This scanning is provided at no cost to SDSU.

Cost

Vulnerability scanning is run on all SDSU servers free of charge.

Get Help

To request a service, create a ServiceNow ticket and assign the ticket to “IT-ITSO-Help Desk”. Connect with us at [email protected] for security-related questions, consulting, and incident reporting.

IT Security Office
Administration Building

Report an Incident

Please contact the Information Security team immediately if you experience or are aware of any of the following: