Educause Security Discussion mailing list archives
Summary Report :: Dorkbot Service [FEB 2019-02]
From: Cam Beasley <cam () UTEXAS EDU>
Date: Fri, 1 Mar 2019 13:54:51 -0600
hello all — i wanted to share summary stats from the Dorkbot web application security service for the past month.

Dorkbot covers 82% of all R1 campuses in the US and many of the top universities across 6 continents (and 30 countries).

[month = FEB 2019]

total campuses subscribed = 839 (+37 campuses compared to previous month)
——————
verified XSS vulnerable pages = 1,105 (-59% compared to previous month)
verified SQLi vulnerable pages = 146 (-54% compared to previous month)
verified LFI vulnerable pages = 9 (-69% compared to previous month)
verified OSi vulnerable pages = 1 (-33% compared to previous month)
verified RFI vulnerable pages = 3 (+50% compared to previous month)
——————
1,264 total verified vulnerable pages (-59% compared to previous month)

++++++++++++++++++++++
% of vulnerability breakdown by campus classification
++++++++++++++++++++++
39% - Universities in Other Countries
37% - R1 Campuses
07% - R2 Campuses
06% - State Agencies
05% - All Other Entities
03% - Baccalaureate Colleges: Arts & Sciences Focus
02% - M1 Campuses
01% - All Other Entities
++++++++++++++++++++++

this month we also shared exposure details with Dorkbot subscribers related to the major collections mentioned here:
https://www.troyhunt.com/the-race-to-the-bottom-of-credential-stuffing-lists-and-collections-2-through-5-and-more/

signing up for Dorkbot is fast & free. please see the following for more information:
https://security.utexas.edu/dorkbot
https://er.educause.edu/blogs/2019/2/dorkbot-a-managed-application-security-assessment-service-for-higher-education

thanks,
~cam.

--
Cam Beasley
Chief Information Security Officer
Information Security Office
The University of Texas at Austin
security () utexas edu | 512.475.9242
http://security.utexas.edu
=======================================