This content is viewable by Everyone

Application and Website Security

Subscribe to Service

How to Request Access

Contact the IT Service Desk at 415-514-4100 or submit a ServiceNow ticket to request a scan of your systems and/or web applications.

Why are application and website security important? 

Hackers must first find weaknesses (vulnerabilities) within a system or application in order to gain control of computers and other network systems. These weaknesses can be the result of many different causes, such as not keeping systems and applications up to date or the use of insecure development and coding practices. In either case, these weaknesses could allow hackers to gain unauthorized access to UCSF systems and data. 

IT Security can use automated scanning tools to help find and identify these weaknesses before a hacker exploits them. By using these tools to find and remediate weaknesses on your systems, you can help:

  • Prevent UCSF and user data from being breached 
  • Minimize use of the resources required to remediate breaches

The information and video below describe these important security resources, including how to request their use for your web applications and systems.

Vulnerability Scanning

UCSF uses a system vulnerability scanner that can find software or configuration vulnerabilities within a system.

Click here for more information (MyAccess login required)

Web Application Scans

UCSF also uses a web application vulnerability scanner that can find vulnerabilities within web applications or web sites.

Click here for more information (MyAccess login required)

Both scanning services can be used together to gain a more comprehensive view of the security posture of an application or service. Web application scans focus on web vulnerabilities, while system vulnerability scanning examines the underlying servers or software.