-
API Code Review Discussion Questions
Cybersecurity code review will typically start with Open Web Application Security Project (OWASP) API Security Top Ten inspired questions.
Job Aid -
Best Practices with AWS Lambda
AWS Lambda can help development teams associated with the University of Illinois to more easily comply with Illinois Cybersecurity standards.
Job Aid -
Box High Risk Folders
Box High Risk Data Folder (BHRDF) is capable of securely storing approved types of High Risk Data.
Tools & Services -
CIS Benchmarks and Assessor
The Center for Internet Security has benchmarks for securing Linux, Windows, Cloud Providers, Mobile Devices, Networking Equipment, and more. IT professionals can create an account with their NetID.
Job Aid -
CISDSC
CISDSC is a DSC (desired state configuration) based PowerShell module for applying CIS benchmarks for Windows & Microsoft Edge.
Tools & Services -
Code Review Discussion Questions
Code review will start with these Open Web Application Security Project (OWASP) Top Ten Web Application Security Risks inspired questions.
Job Aid -
CrowdStrike
Designed to mitigate real-time cybersecurity threats and incidents and to give visibility and security capability.
Tools & Services -
Cybersecurity Mobile Integration Testing
Mobile Integration Testing provides an automated means to check iterations of an application for flow-breaking changes.
Job Aid -
Cybersecurity Training
Cybersecurity training helps raise awareness and build good cyber-safety habits. Log in using your university credentials to access assigned and optional cybersecurity training.
Training -
Data Classification Flowchart
Understand more about how to identify and handle different types of data.
Job Aid -
Device Wiping and Disposal
How to be security compliant for Electronic Data, Disk, SSD, or Other Storage Device Disposal.
Job Aid -
Duo Mobile Application
Multi-factor authentication is simple with a push notification or a one-time passcode on the Duo Mobile App.
Job Aid -
Example Development Standards
A starting point to guide discussion of Cybersecurity development practices, and to help draft a document internal to a team.
Job Aid -
Firewall
Monitors incoming and outgoing network traffic and decides whether to allow or block.
Tools & Services -
Logging Practices for Application Developers
Properly logging security events helps comply with Illinois Cybersecurity standards.
Job Aid -
Qualys
Vulnerability management tool used by the cybersecurity team and Qualys users to assess risk to systems and networks.
Tools & Services -
SSL Certificate Issuance
This service manages SSL certificate requests and processes them through the university Certificate Authority vendor, Sectigo.
Tools & Services -
Storing Secrets on Amazon Web Services (AWS)
Correctly using AWS Secrets Manager helps fulfill an IT Professional's responsibility to comply with Illinois Cybersecurity standards.
Job Aid -
Third-Party Risk Management
As part of Third-Party Risk Management, GRC will review the privacy and security compliance posture of all contracts and purchases related to university data.
Tools & Services -
University Box Health Data Folder (BHDF)
University units can securely store Personal Health Data (PHI) and other types of data governed by HIPAA.
Tools & Services -
Using GitHub Actions with the Campus Firewall
This document provides the developer with resources to learn about what GitHub Actions and Runners are, how to set up the features, and how to use them effectively.
Job Aid -
Vulnerability Response
Quick identification of at-risk systems or services with responsible notification to the owners of those services.
Tools & Services