Vulnerability management

Qualys VMDR

The University of Waterloo has a subscription to Qualys-hosted "Vulnerability Management, Detection, and Response" (VMDR). VMDR provides for scans from both on- and off-campus to help the university assess the security posture of hosts on the campus network. Qualys supports installing agents directly on endpoints for better quality and more up-to-date detection.

Web application vulnerability scanning

If you are developing a web-based application for the University of Waterloo, then it will need to be reviewed for security. The Information Systems & Technology (IST) Information Security Services (ISS) group can assess your application for security and compliance issues. ISS will assess the type of information being processed, the architecture of the application, and with the help of vulnerability scanning software, look for common web application vulnerabilities such as injection and cross-site scripting.

University of Waterloo IT staff that wish to take advantage of the above services should contact the IST Security Operations Centre.