[jboss-user] [Beginner's Corner] - Re: JBOSS7: ASV Scan Report Attestation of Scan Compliance

Peter Johnson do-not-reply at jboss.com
Fri Jun 1 16:46:55 EDT 2012


Peter Johnson [https://community.jboss.org/people/peterj] created the discussion

"Re: JBOSS7: ASV Scan Report Attestation of Scan Compliance"

To view the discussion, visit: https://community.jboss.org/message/739433#739433

--------------------------------------------------------------
You are using a community release. Community releases are "developer friendly". About the only security-related consideration for community edition is that  by default it connects to localhost, thus it will accept only traffic from that same PC. If you change that, then *you have to lock it down*. So the fact that there are security alerts is expected for a community release.

The EAP releases, on the other hand, are locked down out-of-the-box. If a security scanner find problems with that, then I suspect the EAP team would want to hear about it .
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/739433#739433]

Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120601/67ba6bbe/attachment.html 


More information about the jboss-user mailing list