Educause Security Discussion mailing list archives

Security Assessment of iMathAS

From: Miguel Hernandez <miguel.hernandez () DOMAIL MARICOPA EDU>
Date: Fri, 20 Jan 2017 12:24:41 -0700

Colleagues,

Has anyone conducted an assessment of the Internet Mathematics Assessment
System (iMathAS) [http://www.imathas.com]?  We've conducted both a static
code analysis using CheckMarx as well as a penetration test against the
app, both with very "interesting" results.  For those running iMathAS, how
have you secured it?  We are willing to share and discuss results with
anyone interested privately.


[image: eSig Logo]
Miguel Hernandez IV, Ph.D. CISSP, CISA
Associate Vice Chancellor ITS
Chief Information Security Officer
2411 West 14th Street, Tempe AZ 85281
email | miguel.hernandez () domail maricopa edu
website | https://www.maricopa.edu
*Follow me on Twitter <https://twitter.com/mh4phd>.*

This message contains information which may be confidential and/or
privileged. If you are not the intended recipient of this message, please
notify the sender, delete and do not use or disseminate this information.

Current thread:

Security Assessment of iMathAS Miguel Hernandez (Jan 20)
- Re: Security Assessment of iMathAS Shawn Merdinger (Jan 20)