Security icon

Services and tools that safeguard UC Berkeley's computing resources and data such as desktop configuration, mobile device management, authentication systems, antivirus software, firewalls, and network monitoring.

Aggressive IP Distribution (AID) List

The Aggressive IP Distribution (AID) list is a list of IP addresses that Information Security and Policy (ISP) has seen aggressively attacking campus hosts in an attempt to exploit known security weaknesses. The data for this list is taken from both campus-run Intrusion Detection Systems (IDS) and various systems on campus. The list is then published so that it can be used by local administrators to help protect campus electronic systems from network based attacks.
Information Security and Policy (ISP)

Application Security Testing Program (ASTP)

Information Security and Policy's (ISP) Application Security Testing Program (ASTP) offers a consultative application security assessment for applications handling Protection Level 2 Data. These assessments are similar to penetration tests and provide a hands-on, manual security evaluation of an application. Any UC Berkeley application handling Protection Level 2 Data, including California State Law "Notice-Triggering information," must pass an application security assessment to remain in compliance with the UC Berkeley Minimum Security Standards for Electronic Information (MSSEI).
Information Security and Policy (ISP)

California State CPHS Data Security Assessment

Information Security and Policy (ISP) offers an assessment service to help the Berkeley research community comply with California State CPHS data security requirements. ISP Security Analyst will engage research staff and/or primary IT support staff to evaluate the IT system according to State CPHS data security requirements.
Information Security and Policy (ISP)

Device Security (BigFix)

BigFix (formerly called TEM) is the endpoint management system leveraged centrally by EEI and locally by departmental IT partners to improve the security posture of the UC Berkeley network, help simplify systems lifecycle management, provide machine inventory for data driven decisions, and reduce common IT tasks for overall time savings.
Information Services and Technology (IST) - Endpoint Engineering and Infrastructure (EEI)

Information Security Support

The Information Security and Policy team are available for consultation on various issues related to information security: educating the campus community about privacy and security policies, practicing cyber self-defense, using available security tools, being alert to potential danger signs, reporting unusual behaviors, and taking corrective action when necessary.

Information Security and Policy

Log Correlation

Information Security and Policy (ISP) has implemented the Log Correlation Program, an enterprise grade audit logging and analysis software solution (based on HP ArcSight), to aid in managing, correlating, and detecting suspicious activities related to the campus' most critical data assets. All systems which meet the classification standard as an Institutional Device for Protection Level 2 data are eligible to participate in the program. Keywords: log correlation, logging, siem
Information Security and Policy (ISP)

MSSEI Assessment Service

Minimum Security Standards for Electronic Information (MSSEI) are a minimum set of security controls that systems must meet in order to handle campus data. Information Security and Policy (ISP) offers an assessment service following the security requirements of MSSEI to identify technical and procedural weaknesses in campus applications that store, process or transmit Protection Level 2 (PL2) and Protection Level 3 (PL3) data.
Information Security and Policy (ISP)


The UC Berkeley Departmental Security Contact Policy requires that campus departments designate a Security Contact to receive security email notifications and alerts for their networked devices. To assist campus departments in maintaining security contact information, Information Systems and Policy (ISP) maintains NetReg, a self-service network registration portal. Netreg is used by departmental security contacts to maintain their registration information. Such information includes information about
Information Security and Policy (ISP)

Network Intrusion Detection Systems

Information Security and Policy (ISP) operates several "Intrusion Detection Systems” (IDS) to detect and respond to information security incidents involving computers connected to the campus network. These automated systems monitor and analyze network traffic and generate alerts in response to activity that either matches known signatures for malicious activity or is anomalous. Alerts are reviewed by ISP security analysts, and if warranted notifications are sent to designated security contacts for investigation and remediation.
Information Security and Policy (ISP)

Restricted Data Management (RDM)

Information Security and Policy (ISP) offered an internally developed application called Restricted Data Management (RDM) that was retired in 2018. Its functionality was replaced by Restricted Data Application registration within NetReg. The NetReg team has worked with departments who had systems registered in the old application to transfer their data to NetReg.

Information Security and Policy (ISP)

Vendor Security Assessment Program

Information Security and Policy's (ISP) Vendor Security Assessment Program (VSAP) is an evaluation service for third-party service providers that handle Protection Level 2 (PL2) data on behalf of the university. Campus policy requires that these service providers comply with the requirements of the UC Berkeley Minimum Security Standard for Electronic Information (MSSEI).
Information Security and Policy (ISP)

Vulnerability Scanning

Information Security and Policy (ISP) offers both campus-wide and departmental vulnerability scanning to detect systems which may be vulnerable to attack.

Information Security and Policy (ISP)