Security

Security icon

Services and tools that safeguard UC Berkeley's computing resources and data such as desktop configuration, mobile device management, authentication systems, antivirus software, firewalls, and network monitoring.

Aggressive IP Distribution (AID) List

The Aggressive IP Distribution (AID) list is a list of IP addresses that the Information Security Office (ISO) has seen aggressively attacking campus hosts in an attempt to exploit known security weaknesses. The data for this list is taken from both campus-run Intrusion Detection Systems (IDS) and various systems on campus. The list is then published so that it can be used by local administrators to help protect campus electronic systems from network based attacks.
Information Security Office (ISO)

Application Security Testing Program (ASTP)

The Information Security Office (ISO) Application Security Testing Program (ASTP) offers a consultative application security assessment for applications handling Protection Level 2 Data. These assessments are similar to penetration tests and provide a hands-on, manual security evaluation of an application. Any UC Berkeley application handling Protection Level 2 Data, including California State Law "Notice-Triggering information," must pass an application security assessment to remain in compliance with the UC Berkeley Minimum Security Standards for Electronic Information (MSSEI).
Information Security Office (ISO)

California State CPHS Data Security Assessment

The Information Security Office (ISO) offers an assessment service to help the Berkeley research community comply with California State CPHS data security requirements. ISO Security Analysts will engage research staff and/or primary IT support staff to evaluate the IT system according to State CPHS data security requirements.
Information Security Office (ISO)

Device Security (BigFix)

BigFix (formerly called TEM) is the endpoint management system leveraged centrally by EEI and locally by departmental IT partners to improve the security posture of the UC Berkeley network, help simplify systems lifecycle management, provide machine inventory for data driven decisions, and reduce common IT tasks for overall time savings.
Information Services and Technology (IST) - Endpoint Engineering and Infrastructure (EEI)

Information Security Support

The Information Security Office is available for consultation on various issues related to information security: educating the campus community about privacy and security policies, practicing cyber self-defense, using available security tools, being alert to potential danger signs, reporting unusual behaviors, and taking corrective action when necessary.

Learn more at security.berkeley.edu
Information Security Office (ISO)

Log Correlation

The Information Security Office (ISO) has implemented the Log Correlation Program, an enterprise grade audit logging and analysis software solution (based on HP ArcSight), to aid in managing, correlating, and detecting suspicious activities related to the campus' most critical data assets. All systems which meet the classification standard as an Institutional Device for Protection Level 2 data are eligible to participate in the program.
Information Security Office (ISO)

MSSEI Assessment Service

Minimum Security Standards for Electronic Information (MSSEI) are a minimum set of security controls that systems must meet in order to handle campus data. The Information Security Office (ISO) offers an assessment service following the security requirements of MSSEI to identify technical and procedural weaknesses in campus applications that store, process or transmit Protection Level 2 (PL2) and Protection Level 3 (PL3) data.
Information Security Office (ISO)

NetReg

The Information Security Office (ISO) maintains NetReg, a self-service network registration portal, to assist campus departments in maintaining security contact information.

Information Security Office (ISO)

Network Intrusion Detection Systems

The Information Security Office (ISO) operates several "Intrusion Detection Systems” (IDS) to detect and respond to information security incidents involving computers connected to the campus network. These automated systems monitor and analyze network traffic and generate alerts in response to activity that either matches known signatures for malicious activity or is anomalous. Alerts are reviewed by ISO security analysts, and if warranted notifications are sent to designated security contacts for investigation and remediation.
Information Security Office (ISO)

Vendor Security Assessment Program

The Information Security Office (ISO) Vendor Security Assessment Program (VSAP) is an evaluation service for third-party service providers that handle Protection Level 2 (PL2) data on behalf of the university. Campus policy requires that these service providers comply with the requirements of the UC Berkeley Minimum Security Standard for Electronic Information (MSSEI).
Information Security Office (ISO)

Vulnerability Scanning

The Information Security Office (ISO) offers both campus-wide and departmental vulnerability scanning to detect systems which may be vulnerable to attack.

Information Security Office (ISO)