UAB IT has developed a dedicated threat and vulnerability team to better protect campus data.

Vulnerabilities — such as security misconfigurations or exploitable, unpatched software — could leave campus computers open to cyberattacks, and remain an ongoing threat. The vulnerability team, working in tandem with other teams in UAB IT and across campus, aims to make mitigating those potential attack points a top priority.

Joseph Boehm, information security engineer, is a team member who focuses on penetration testing and vulnerability management. Other roles on the team include threat hunting and liability management. 

“We see things that we need to take care of every day and new things to take care of as well. Our team was created to keep up with all the new things that pop up that required a dedicated resource,” Boehm said.  

The group can take the vulnerability data collected from testing and combine it with active threat hunting to be as effective as possible and help tackle any issues. Boehm said the overall goal for the team is to reduce the number of vulnerabilities on campus.  

Some of the team’s achievements so far have been increasing the overall awareness across campus and introducing a new reporting system. With the new way to report, the team can communicate with campus leaders about the threats they may be facing in each unit.  

Boehm said he hopes to see the team grow and be more proactive in the future to come.