Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn


Friday, November 27, 2015

  New Resources
Security Logging Service
Travel Tips for Data Security
Free Security/Privacy Training Resources
Two-step verification
Combating Malware
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Wireless Networking
Encryption & digital signatures
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
  More in-depth information for
Local support providers
System administrators
  Security initiatives
Critical host compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
  Related links
Electronic privacy
Worms, trojans, backdoors

Goals/Deliverables of the team:

  • Develop Best Practices
  • Create an Appendix to Critical Host Policy
  • Draft Web Application Standards - Technical Document
    • Use OWASP as a starting point
  • Conduct 1-2 hour Annual Training Session
  • Develop Code Samples (Library of code sets by application - Java, Cold Fusion, etc.)
  • Volunteer Code Review (Between schools/centers); Special Interest Group;
    • PennKey "gatekeeper" - Code Review is required if you use PennKey to Authenticate.


  • Begin by walking through OWASP Top 10 in detail, one vulnerability at a time, to develop Penn's Best Practices/Technical Documentation.

Communication Vehicles:

  • IT Roundtable
  • Website

Back to SWAT Homepage

Last updated: Wednesday, January 3, 2007


Information Systems and Computing
University of Pennsylvania
Comments & Questions

Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania