Vulnerability Management Procedure For Servers
- Issue Date: October 2019
- CSU Information Security Policy - 8000.00 - Introduction and Scope
- CSU Information Security Policy - 8045.00 - Information Technology Security
- CSU Information Security Standard – 8045 Section 500 - Information Asset Monitoring
This document clarifies the campus procedure for vulnerability management, including scanning, assessment and remediation of the discovered vulnerabilities for CSULB servers. The results of the vulnerability scans help inform server administrators of known and potential vulnerabilities, so those vulnerabilities can be remediated.
A vulnerability is a security exposure in an operating system or other system or application software component including, but not limited to: missing operating system and application patches, inappropriately installed or active applications and services, software flaws and exploits, misconfigurations in systems, etc.
Vulnerability Scanning process
All campus servers (level 1, level 2 and level 3 servers) are scanned on a quarterly basis.The Division of Information Technology security team runs credentialed, or authenticated scans on all campus servers (level 1, level 2 and level 3 servers) using Qualys on a quarterly basis.
The Qualys Vulnerability Management Tool
Qualys is a vulnerability management solution that helps system administrators and application developers/administrators determine how emerging threats affect the risk profile of their servers and applications.
Once the security team runs the scan, vulnerability reports are generated and distributed to each one of the following Division of Information Technology teams for patch management and remediation:
- Systems Server Group
- Enterprise Services Group
- Network Services Group
- Administrative Computing Group
- Web Development Center
Vulnerability reports provide Division of Information Technology the tools to identify and evaluate the potential risk to University information assets that may be exposed by system vulnerabilities. Proactive steps are taken to address the identified vulnerabilities.
Remediation management is a shared responsibility encompassing Division of Information Technology, and campus technical coordinators. Vulnerabilities discovered during scans are remediated prior to the next scheduled scan.
Information Security Office