Overview
We continuously scan the campus network for security vulnerabilities on connected devices. We use a number of scanners using Tenable Nessus, along with Tenable's Professional Feed of network vulnerability "plugins", to detect systems that may be vulnerable to attack. When detected, high-risk vulnerabilities are reported to designated security contacts for investigation and remediation. Vulnerabilities may include:
- Missing patches and updates
- Misconfigurations allowing unintentional data exposure
- Weak and default system passwords
- Unsupported operating systems and software
- Insecure and unnecessary network services
Hackers will often test a system's defenses for weaknesses. Once a weakness is found, it can be exploited to take control of the system. Our network vulnerability scanning services are designed to find these weaknesses, or "vulnerabilities" before they are discovered by hackers.
All systems connected to the campus network are scanned, so all members of the campus community can benefit, including:
- Researchers using the network for storage and transmission of research data
- Students using electronic resources to complete their coursework
- Staff supporting University administrative functions requiring information technology resources
- University administration meeting legal and ethical requirements to protect private information
- Individuals with private information on campus information technology systems
Devices with data classified at higher data protection levels receive more frequent scanning.
How to Get Started
All devices connected to the campus network receive basic scanning services. To receive security notifications from scanning, you must be connected to a supported network (wired, Airbears, or VPN) and not the CalVisitor wireless network, and any firewalls must be configured to allow access from our scanners.
For enhanced scanning services for machines with data classified at higher protection levels, make sure your systems are registered in Socreg.