Municipal Websites Central is third-party penetration and vulnerability tested biannually. Requests to conduct penetration testing may also be submitted.
Request a Statement of Opinion
Municipal Websites Central customers may request our third-party provider’s "Statement of Opinion," the formal results of their penetration and vulnerability testing, by providing the following information to CivicPlus through our Technical Support team:
Name and Contact Information: CivicPlus customer organization POC
Product: Municipal Websites Central
Request: Please provide the latest Municipal Websites Central Statement of Opinion from the third-party provider on penetration testing
Route to: Site Reliability
Reference: Insert the URL for this article
Conduct Additional Penetration Testing
Additional penetration testing may be contracted or performed by CivicPlus customers. However, CivicPlus does not take responsibility or liability for any damages that may result from these tests, and CivicPlus may hold a customer responsible for damages to any shared resources. Customers may request a replicated test environment or dedicated server to be used for the purpose of testing (additional charges apply) to remove any risk to shared resources. If CivicPlus determines that penetration testing has any negative impact on shared resources, CivicPlus may revoke the privilege to continue penetration testing and take any necessary action to prevent further damage.
Penetration testing of websites on shared resources may be performed on the weekends only. At least 3 business days before any penetration testing is to be conducted, customers must provide the following information to CivicPlus Technical Support:
The dates of when the testing will take place
The IP source(s)
The target website(s) of the testing
The name and contact information of the CivicPlus customer organization POC
If a testing environment is needed, please include this in your request and submit this request at least 10 business days before your scheduled testing date.
Reports from penetration testing may be submitted to CivicPlus through Technical Support for evaluation following our vulnerability submission process.