IT Security

Host Vulnerability Scanning

Providing automatic host auditing and vulnerability management across the campus

The goal of the Vulnerability Program is to facilitate the attainment of IS-3 compliance for all UCLA units. To achieve compliance, units are responsible for meeting the IS-3 requirements below, regardless of who manages scans and reports (the unit or the IT Security Office). Ultimately, the units are accountable for the remediation and protection of their environments.

Scanning

  • IT Security centrally-managed scanners – credentialed or non-credentialed. 
  • Unit scanner – credentialed or non-credentialed, reporting to the central cloud-based console.
    • Note: Non-credentialed scans are prone to false positives and, as a result, more Unit resource effort is required to validate that reports are IS-3 compliant.
  • Agent-based – Reports back to the central cloud-based console (on par with credentialed scans).

Reporting

Upon the completion of the scans, reports will be generated either by the unit or centrally by the IT Security team.

Remediation Guidance

The IT Security Office will assist units in interpreting vulnerability results and providing best practices for managing vulnerabilities.
Due to the complex nature of the Vulnerability Management Program (VMP), the following training is available:

  • Leadership training – reading and understanding reports 
  • Service Providers and UISL – understanding scans and reports
  • Discussion Forum – in-depth response to VMP questions

Service Level Commitments

The IT Security Office will provide units with the following service level commitments: 

  • Unit Tenancy set up – 5 days
  • User Accounts – 3 days 
  • Scan set up – 3 days
  • Report setup – 3 days
  • Remediation guidance – 1-3 days
  • Training coordination – 5 days

Unit Responsibilities

  • Provide IPs/Ranges 
  • Schedule and start scans, if unit managed
  • Remediate vulnerabilities

IT Security Team

  • IT Security Lead: Adrian Mohuczy-Dominiak
  • Security Analyst: Ike Oparaocha
  • Project Manager: Doug Sumner

Available to

Eligibility

Eligibility varies per service. Contact your ITCC for details.

Requirements

Only available for campus departments via service request.