Web Maintenance and Security Policy

CSU Bakersfield Policy

Document Number:
Responsible Office:
Information Technology Services
Primary Author:
CIO & AVP of Information Technology
Last Revision Date:
Effective Date:


In order to maintain the integrity and security of web applications, CSUB uses a web scan application. This tool can scan applications for a multitude of potential breach points such as SQL Injection, cross site scripting, web security, and directory traversal, to name a few. Web Application Scan tools are very aggressive and perform a scan similar to an actual attack. It is imperative that the system to be scanned be in non-production.

Implements: Audit Report 14-52, Audit Finding #9 Web Maintenance and Security

Web Maintenance and Security Policy

Campus must perform a vulnerability scan on websites before the website is placed into production, and regularly thereafter.


A special thank you to the Information Security Work Group who is responsible for assisting the University Information Security Officer with developing and issuing information security policies, procedures and standards to the campus community. The ISWG includes Kal Shenoy, Sue Rivera, Chris Diniz, Mike Fleming, Joe Nailor, Kenton Miller, Tem Moore, Brian Chen, and Don David.