Vulnerability Scans
A vulnerability scan is a security assessment that searches for weaknesses in computer systems and networks to help protect them from potential threats and attacks.
Vulnerability scans can help identify vulnerabilities, prioritize areas for improvement, and support audits and compliance requirements. Vulnerability scans are updated regularly and frequently to ensure we are using the latest intelligence to scan for emerging threats. Vulnerability scans are conducted in accordance with UCSC ITS Routine System Monitoring Practices.
UC Santa Cruz Scanning Services
UCSC’s Information Technology Services (ITS) team assists UCSC service providers in securing their systems and applications and minimizing risk. Vulnerability scans and reports are available on request for systems and applications.
Vulnerability scans are funded by ITS. All university owned, managed, or affiliated systems are eligible, and there is no direct charge to the department requesting the scan.
Scanning Options
An authenticated vulnerability scan is recommended. This kind of scan mimics an authorized user, enabling it to collect detailed and accurate information about potential weaknesses in a system. A CruzID is required to request an authenticated vulnerability scan. Accounts can be issued to people affiliated with UCSC who need a CruzID and are not faculty, staff, or students. These accounts, often referred to as “sponsored” or “sundry” accounts, require an active staff or faculty member to sponsor the account. A sponsor can submit a request for a sundry account to SlugHub via the New/Reactivation Sponsored (Sundry) Account.
An unauthenticated vulnerability scan, which only reviews externally visible services, is also available. This scan has a higher rate of false positives.
Requesting a Scanning Service
Different vulnerability scans are available for different situations.
- For a public-facing system, submit a request to SlugHub via the Host Vulnerability Scan (UCSC Network).
- For a closed network, submit a request to SlugHub via the Host Vulnerability Scan (UCSC Departmental/Academic Firewall).
- For web applications, submit a request to SlugHub via the Web Application Scan form.
Your SlugHub ticket will be assigned within 8 working hours. You will be contacted for additional information if needed (a consultation is necessary for scheduling a web application scan and for closed network scans).
To access UCSC’s vulnerability scanning tool, you must be connected to the UCSC network via campus VPN and log in with your CruzID Gold credentials.
System admins and custodians/managers can learn more at Using UCSC's Scanning Service.
Scan Results
Reports: Results of a scan are provided to the requester and the Service Manager, who must then work with their service providers to confirm false positives and resolve confirmed vulnerabilities.
Consultation: A Service Manager and/or service providers may request consultation with ITS to discuss the scan results and determine whether false positives exist. Consultations may include a simulated cyberattack and are handled using the ITS Project Management Methodology. Consultations are first-come, first-served unless prioritized otherwise by management.
Requirement to Re-Scan: Systems or applications with high-risk vulnerabilities, and systems showing evidence of a data breach, must be re-scanned after the vulnerability or breach has been addressed to demonstrate that it has been eliminated. Re-scans of other systems and applications are available on request.
Training
UISL Vulnerability Management Training
Wednesday, May 22nd, 2024, 10:00 AM to 11:00 AM (PST)
This training is designed for Unit Information Security Leads (UISLs) or a unit's designated technical contact to effectively use UCSC's vulnerability scanning tool for managing their most vulnerable devices. Participants will learn the fundamental concepts of vulnerability management, how to log into the scanning tool, run and interpret reports, and take appropriate actions based on the findings.
- Watch the recording of the May 2024 session if you couldn't attend.
- Review the presentation slides.
- Read the vulnerability management documentation.
Vulnerability Management Drop-In Support Sessions
Join our drop-in support sessions on vulnerability management with the Information Security team. Choose from three available dates and get answers to your questions about tool onboarding, vulnerability reports, running scans, and more. Register for the upcoming sessions:
- Wednesday, July 10th, 2024, 10:00 AM to 11:00 AM (PST)
- Monday, July 15th, 2024, 10:00 AM to 11:00 AM (PST)
- Wednesday, July 23rd, 2024, 10:00 AM to 11:00 AM (PST)
Vulnerability Management Tool Training
We recommend three training courses to help UISLs master the fundamentals: Scanning Fundamentals: Sites, Asset Groups, and Tags; Reviewing Vulnerability Findings and Using Credentials; and Vulnerability Assessment Best Practices. These courses offer comprehensive knowledge and essential skills for effective vulnerability management. The courses are free, but you will need to create an account to access them. Access the Training Courses Here.
LinkedIn Learning Courses
We encourage all UISLs and staff members interested in enhancing their skills in vulnerability management to take advantage of the following LinkedIn Learning courses. These courses cover essential topics, including identifying and mitigating vulnerabilities, understanding security frameworks, and implementing cybersecurity best practices. These courses are accessible through your UCSC account.
- Vulnerability Management in Cybersecurity: The Basics (55m)
- Vulnerability Management: Assessing the Risks with CVSS v3.1 (1h 14m)
- Strategies for Managing Vulnerabilities and Mitigating Cyber Risks (9h 43m)
Get Help
Support for the vulnerability scanning service is available Monday through Friday, from 8am-5pm, and scans can be performed during off hours to avoid interfering with business operations. To request support, open a SlugHub ticket.