I'm a member of the Software Security and Privacy Team. I also help out with Esri's Product Security Incident Response Team. I've been with Esri almost 14 years now. Before joining the Software Security and Privacy Team, I was a senior technical lead in Esri Support Services, focusing on deploying, securing, and using ArcGIS Enterprise technology.
A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in ArcGIS Enterprise portal. Esri has released a patch.
This white paper offers guidance for how to design and configure a public Survey with privacy in mind.
Esri has recently discovered a critical vulnerability in ArcGIS Server and has released a patch to address this issue.
The Portal for ArcGIS Security 2019 Update 2 Patch is now available!
The ArcGIS Server Security 2019 Update 2 Patch is now available!
The ArcGIS License Manager 2019.0 is available. This update addresses several vulnerabilities in Flexera FlexNet Publisher.
A new repository of documents is now available exclusively for users who have subscribed to an ArcGIS account.
ArcGIS Workflow Manager Security Update Patch is available now. Esri recommends all Workflow Manager Server users apply this patch.
Users that have configured the SAML options "Enabled Signed Requests" or "Encrypt Assertion" should update their ArcGIS Online metadata file.
