The Pitt SecureWeb service lets University of Pittsburgh website owners or technical contacts request a security scan before a new website is published or as changes are made. A form is used to provision a site in SecureWeb. This form only needs to be filled out once for each development (staging) and production website.
Departments at the University of Pittsburgh are required to submit Enterprise Web Infrastructure (EWI) websites to web vulnerability scans before these sites are accessible from the Internet. SecureWeb can also be used to submit non-EWI websites to web vulnerability scans.
Benefits of SecureWeb include:
- An improved front-end information gathering process for website information.
- Self-service provisioning that reduces the time to handle your request.
- Quicker access to your site reports and scan results to fix critical issues or vulnerabilities.
Note: After critical issues or vulnerabilities are remediated, an additional SecureWeb scan request is required.
- Scanned sites are added to an automated schedule so you will continue to receive additional reports and notifications about new critical vulnerabilities or issues.
- Additional site scan requests can be submitted anytime.
To begin the provisioning process for your site, fill out the SecureWeb Site Enrollment Form.
Once your site has been provisioned in SecureWeb, log in to the secure web portal at http://secureweb.pitt.edu and request a scan for your project.
When your scan results are returned, you can access them through http://secureweb.pitt.edu. You can audit your test results and resubmit your site if it requires additional scanning.
Complete details about SecureWeb are available on our website.