Canvass is PMI’s web-enabled distribution system monitoring and analysis platform. Deploying Canvass as a web application provides a wide array of benefits: one installation base (no need to push updates to hundreds of customers over dozens of different operating system versions, etc.); no operating system restrictions (available on UNIX, Linux, Mac and Windows with a modern web browser); and no hardware restrictions (available on desktops, laptops, tablets and most modern smartphones). However, there are also some drawbacks. Being a web application, the software is available 24 hours a day, 7 days a week, 365 days a year to anyone anywhere in the world with an Internet connection. This potentially opens the application to a barrage of traffic – most of which is benign in nature. However, there are a variety of malicious interests constantly attempting to penetrate web systems.

This white paper includes:

• Security considerations
• How PMI implements cybersecurity in Canvass
• Whitehat security
• The Whitehat testing process
• What was tested
• The results
• Standards