Resources

Cybersecurity code review will typically start with Open Web Application Security Project (OWASP) API Security Top Ten inspired questions.

AWS Lambda can help development teams associated with the University of Illinois to more easily comply with Illinois Cybersecurity standards.

Box High Risk Data Folder (BHRDF) is capable of securely storing approved types of High Risk Data. 

The Center for Internet Security has benchmarks for securing Linux, Windows, Cloud Providers, Mobile Devices, Networking Equipment, more. IT professionals create an account with your NetID.

CISDSC is a DSC (desired state configuration) based PowerShell module for applying CIS benchmarks for Windows & Microsoft Edge. 

Code review will start these Open Web Application Security Project (OWASP) Top Ten Web Application Security Risks inspired questions.  

Designed to mitigate real-time cybersecurity threats and incidents, give visibility and security capability.

Mobile Integration Testing provides an automated means to check iterations of an application for flow-breaking changes. 

Cybersecurity training helps raise awareness and build good cyber-safety habits. Login using your university credentials to access assigned and optional cybersecurity training.  

Understand more about how to identify and handle different types of data.

How to be security compliant for Electronic Data, Disk, SSD, or Other Storage Device Disposal.

Multi-factor authentication is simple with push notification or a one time passcode on the Duo Mobile App

A starting point to guide discussion of Cybersecurity development practices, and to help draft a document internal to a team. 

Monitors incoming and outgoing network traffic and decides whether to allow or block.

IT Pro tool used to identify the firewall group of an IP or network.

Properly logging security events helps comply with Illinois Cybersecurity standards.

Facilitates management of endpoints including Windows and MacOS.

Facilitates management of endpoints including Windows and MacOS.

Vulnerability management tool used by the cybersecurity team and Qualys users to assess risk to systems and networks.

This service manages SSL certificate requests and processes them through the university Certificate Authority vendor, Sectigo. 

Correctly using AWS Secrets Manager helps fulfill an IT Professional's responsibility to comply with Illinois Cybersecurity standards.

As part of Third-Party Risk Management, GRC will review the privacy and security compliance posture of all contracts and purchases related to university data. 

University units can securely store Personal Health Data (PHI) and other types of data governed by HIPAA.

This document provides the developer with resources to learn about what GitHub Actions and Runners are, how to set up the features, and how to use them effectively. 

Quick identification of at-risk systems or services with responsible notification to the owners of those services.