Qualys BrowserCheck

Qualys BrowserCheck will perform a security analysis of your browser and its plugins to identify any security issues.

Flexera corporate software inspector (CSI)

The University of Waterloo has a subscription to Flexera CSI, which provides the same basic functionality as PSI but is targeted at the Enterprise where PCs are managed. Here are some differences:

  • Reporting is to a central console.
  • Scanning is done by System Centre Configuration Manager (SCCM) or by a Windows service that runs on the workstation (silent to the end user).
  • Updates can be distributed via SCCM.

QualysGuard

The University of Waterloo has a subscription for the QualysGuard vulnerability management software hosted by Telus. QualysGuard provides for scans from off-campus, as well as on-campus (using on-premise scanning appliances) to help the university assess the security posture of hosts on the campus network. QualysGuard supports distributed management, so IT staff can schedule scans and generate reports regarding hosts for which they are responsible.

Web application vulnerability scanning

If you are developing a web-based application for the University of Waterloo, then it will need to be reviewed for security. The Information Systems & Technology (IST) Information Security Services (ISS) group can assess your application for security and compliance issues. ISS will assess the type of information being processed, the architecture of the application, and with the help of vulnerability scanning software, look for common web application vulnerabilities such as injection and cross-site scripting.

University of Waterloo IT staff that wish to take advantage of the above services should contact the IST Security Operations Centre.