Category: Security

Posts about security, privacy and compliance for Trust.arcgis.com.

Make Your Mark in the GIS of the World

Featured Image Thumbnail

Just Click on the My Contributions tab to Share Important Data As you may have heard, the Living Atlas of the World website has undergone a redesign to make finding what you need and contributing content as easy as possible. … Continue reading

Posted in 3D GIS, Analysis & Geoprocessing, Apps, ArcGIS Online, ArcGIS Pro, Community Maps, Electric & Gas, Health, Hydro, Imagery, Local Government, National Government, Oceans & Maritime, Open Data, Petroleum, Portal for ArcGIS, Public Safety, Sciences, Security, State Government, Telecommunications, The ArcGIS Book, Transportation, Uncategorized, Water Utilities | Tagged , , , , , , , , , , | Leave a comment

Struts Vulnerability Bandwagon

SecurityReview

While we don’t have a habit of announcing when our products are NOT vulnerable to a specific security issue, sometimes IT teams pounce on the panic button (understandably) when they hear about a new critical vulnerability that hit the media mainstream.  … Continue reading

Posted in Security | Tagged , , | Leave a comment

Content for the Planet Comes to Life with Redesigned Living Atlas Website

Living Atlas of the World website redesign release blog post thumbnail

Discovery and Contribution is now effortless The redesigned Living Atlas of the World website has been released. The goals of the redesign were to make it easier to discover Living Atlas content and contribute items to the Living Atlas. The … Continue reading

Posted in 3D GIS, Analysis & Geoprocessing, Apps, ArcGIS Online, ArcGIS Pro, Community Maps, Electric & Gas, Health, Hydro, Imagery, Local Government, National Government, Oceans & Maritime, Open Data, Petroleum, Portal for ArcGIS, Public Safety, Sciences, Security, State Government, Telecommunications, The ArcGIS Book, Transportation, Uncategorized, Water Utilities | Tagged , , , , , | 2 Comments

Esri Privacy & Security Assurance Advancements

We are kicking off the beginning of the year with some significant privacy & security assurance improvements:

Continue reading

Posted in Security | Tagged , , | Leave a comment

Open-source Geoportal Server Security Patch

secpatch

We recently patched a Cross-Site-Scripting (XSS) vulnerability within Geoportal Server and posted the patch to GitHub. Current 1.2.7 installations should just apply the patch, whereas installations before 1.2.7 will need to upgrade to 1.2.7 and then apply this patch.  The … Continue reading

Posted in Security | Tagged , | 2 Comments

ArcGIS Server and Portal Security 2017 Patches Released

secpatch

The first set of security patches for ArcGIS Server and Portal for ArcGIS in 2017 were just released.   We recommend our customers apply these patches in a timely manner.  To be clear, there are separate security patches for ArcGIS Server and … Continue reading

Posted in Security | Tagged , , | 2 Comments

Portal for ArcGIS Security Patch (2016 Update2)

secpatch

The second security patch for ArcGIS Server in 2016 was released in May, and now the second security patch of Portal for ArcGIS in 2016 is being released (hence the name 2016 Update2).   We recommend our customers apply this patch in a timely … Continue reading

Posted in Security | Tagged , , | Leave a comment

ArcGIS Server Security Patch (2016 Update2)

patchicon

Esri has released a significant security update for ArcGIS Server and we recommend our customers apply this patch in a timely manner.  Key security patch components are: 1.) Cumulative, containing fixes from the 2016 Update1 Linux security patch (there was … Continue reading

Posted in Security | Tagged , , | 5 Comments

What do SSL, TLS, PCI, and DROWN have in common with ArcGIS?

Find out in our newly released ArcGIS Platform SSL/TLS Support and Configuration Briefing. If you have questions about any of the security items in the title of this post and ArcGIS products, whether past versions or current, we suggest you check it out.

NOTE: Even if you don’t know or care about these various acronyms, but you want to ensure the most secure ArcGIS deployment possible, it is worthwhile to check out the briefing for focused, secure architecture and configuration enlightenment based on real-world deployments.

Let us know what you think of this briefing – We have more in the queue and welcome your feedback/suggestions to SecureSoftwareServices@Esri.com.

- The Security Standards & Architecture Team

Posted in Security | Tagged | Leave a comment

License Manager Security Update

ArcGIS License Manager is built with a third party software component called Flexera FlexNet Publisher. Recently, a CVE (CVE-2015-8277) was released detailing buffer overflow vulnerabilities associated with Flexera FlexNet Publisher.  Esri is providing ArcGIS 10.4 License Manager to resolve these Flexera-based vulnerabilities. Continue reading

Posted in ArcGIS Enterprise, Security | Tagged , , , , | 10 Comments