The Pitt SecureWeb service lets University of Pittsburgh website owners or technical contacts request a security scan before a new Web site is published or as changes are made. A form is used to provision a site in SecureWeb but only needs to be filled out one time for each development (staging) and production Web site.
Departments at the University of Pittsburgh are required to submit Enterprise Web Infrastructure (EWI) web sites to Web vulnerability scans before these sites are accessible from the Internet. SecureWeb can also be used to submit non-EWI web sites to Web vulnerability scans.
Benefits of SecureWeb include:
- An improved front-end information gathering process for Web site information.
- Self-service provisioning that reduces the time to handle your request.
- Quicker access to your site reports and scan results to fix critical issues or vulnerabilities.
Note: After critical issues or vulnerabilities are remediated, an additional SecureWeb scan request is required.
- Scanned sites are added to an automated schedule so you will continue to receive additional reports and notifications about new critical vulnerabilities or issues.
- Additional site scan requests can be submitted anytime.
To begin the provisioning process for your site, fill out the SecureWeb Site Enrollment Form at http://techforms.pitt.edu/TechRequest/SecureWebAccessRequest.aspx.
Once your site has been provisioned in SecureWeb, log in to the secure Web portal at http://secureweb.pitt.edu and request a scan for your project.
When your scan results are returned you can access them through http://secureweb.pitt.edu. You can audit your test results and resubmit your site if it requires additional scanning.
Complete details about SecureWeb are available on our Web site at http://technology.pitt.edu/support/using-pitt-secureweb.