Lessons from the ArcGIS SOE Vulnerability
A deep analysis of how a modified ArcGIS Server Object Extension (SOE) was used as a backdoor, and what GIS administrators can do to secure their infrastructure.
Read more →Insights & Articles
AI and Spatial Analytics: The Future of GeoAI
Exploring how AI is transforming geospatial intelligence through deep learning, object detection, predictive analysis, and operational automation.
Read more →Securing GeoNetwork with OpenID Connect
Best practices for integrating OpenID Connect authentication in GeoNetwork to improve access control, compliance, and user experience.
Read more →2025 GIS Vulnerabilities Digest
An overview of the most significant 2025 security flaws affecting ArcGIS Server, Portal for ArcGIS, ArcGIS Pro, and GeoServer, with verified advisories and mitigation guidance.
Read more →GeoServer Security Alerts 2025 — REST API Bypass and XXE Vulnerabilities
In 2025, new security flaws in GeoServer allowed potential unauthorized access and XML injection via REST and GeoTools components. Administrators are urged to apply the latest patches.
Read more →GeoNetwork XXE Vulnerability 2025 — Data Exposure Risk in Metadata Parsing
GeoNetwork was affected by a critical XML External Entity vulnerability (CVE-2025-30220), which could allow external entity injection and potential server-side request forgery.
Read more →Portal for ArcGIS Vulnerabilities 2025 — SSRF, XSS, and Credential Exposure
Esri Portal for ArcGIS received several 2025 security updates addressing critical vulnerabilities in Enterprise Sites and core Portal components.
Read more →GIS Security Patch Management — Best Practices for 2025
With the rise of new vulnerabilities in GeoServer, GeoNetwork, and Portal for ArcGIS, effective patch management has become a core pillar of GIS cybersecurity. This article highlights proactive measures, automation tips, and compliance alignment strategies.
Read more →