[jboss-user] [Beginner's Corner] - Re: JBOSS7: ASV Scan Report Attestation of Scan Compliance
Peter Johnson
do-not-reply at jboss.com
Fri Jun 1 16:46:55 EDT 2012
Peter Johnson [https://community.jboss.org/people/peterj] created the discussion
"Re: JBOSS7: ASV Scan Report Attestation of Scan Compliance"
To view the discussion, visit: https://community.jboss.org/message/739433#739433
--------------------------------------------------------------
You are using a community release. Community releases are "developer friendly". About the only security-related consideration for community edition is that by default it connects to localhost, thus it will accept only traffic from that same PC. If you change that, then *you have to lock it down*. So the fact that there are security alerts is expected for a community release.
The EAP releases, on the other hand, are locked down out-of-the-box. If a security scanner find problems with that, then I suspect the EAP team would want to hear about it .
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/739433#739433]
Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120601/67ba6bbe/attachment.html
More information about the jboss-user
mailing list