Security

Instructure Releases 4th Security Audit, With a Crowd-sourcing Twist

Phil Hill · Feb 7, 2015 ·

In the fall of 2011 I made the following argument: We need more transparency in the LMS market, and clients should have access to objective measurements of the security of a solution. To paraphrase Michael Feldstein’s suggestions from a 2009 post: There is no guarantee that any LMS is more secure just because they say they are […]

Instructure releases their third public security audit

Phil Hill · Jan 8, 2014 ·

Analysis of Instructure Security Testing

Phil Hill · Jan 10, 2012 ·

Instructure has engaged Securus Global to test the Canvas LMS product for security vulnerabilities. Instructure also invited me to be an independent observer – participating in the process and independently reporting on the testing and Instructure’s response to any vulnerabilities identified. Part 1 of this series of posts described the concept. Part 2 gave a mid-term update, describing the […]

Instructure Security Assessment Results

Phil Hill · Dec 12, 2011 ·

Instructure has engaged Securus Global to test the Canvas LMS product for security vulnerabilities. Instructure has also invited me to be an independent observer – participating in the process and independently reporting on the testing and Instructure’s response to any vulnerabilities identified. Part 1 of this series of posts described the concept. Part 2 gave a mid-term update, […]

Instructure Security Mid-Term

Phil Hill · Nov 30, 2011 ·

Analysis of Blackboard Response to Recent Disclosure of Security Vulnerabilities

Phil Hill · Oct 6, 2011 ·

There’s been an interesting set of public relations based on the recent news of Blackboard security vulnerabilities. SC Magazine’s Australian edition broke a story on September 16 about an investigation by two or more anonymous Australian universities working with a security firm, Securus Global. In conjunction with the magazine, this investigation exposed a number of security vulnerabilities […]