CivicEngage Central is third-party penetration and vulnerability tested biannually. Requests to conduct penetration testing may also be submitted.
Request a Statement of Opinion
CivicEngage Central customers may request our third-party provider’s “Statement of Opinion”, the formal results of their penetration and vulnerability testing, by providing the following information to CivicPlus, via our Technical Support team.
- Name and Contact Information: CivicPlus customer organization Point of Contact (POC)
- Product: CivicEngage Central
- Request: Please provide the latest CivicEngage Central Statement of Opinion from third-party provider penetration testing
- Route to: Hosting and Security
- Reference: Insert the URL for this article
Conduct Additional Penetration Testing
Additional penetration testing may be contracted or performed by CivicPlus customers. However, CivicPlus does not take responsibility or liability for any damages that may result from these tests, and CivicPlus may hold a customer responsible for damages to any shared resources. Customers may request a replicated test environment or dedicated server to be used for the purpose of testing (additional charges apply) to remove any risk to shared resources. If CivicPlus determines that penetration testing has any negative impact on shared resources, CivicPlus may revoke the privilege to continue penetration testing and take any necessary action to prevent further damage.
Penetration testing of websites on shared resources may be performed on the weekends only. At least 3 business days before any penetration testing is to be conducted, customers must provide the following information to CivicPlus Technical Support.
- The dates of when the testing will take place.
- The IP source(s).
- The target website(s) of the testing.
- The name and contact information of the CivicPlus customer organization POC.
If a testing environment is needed, please include this in your request and submit this request at least 10 business days prior to your scheduled testing date.
Reports from penetration testing may be submitted to CivicPlus via technical support for evaluation following our vulnerability submission process.