Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Summary Report :: Dorkbot Service [MAR 2019-03]

From: Cam Beasley <cam () UTEXAS EDU>
Date: Mon, 1 Apr 2019 09:11:17 -0500
hello all —

i wanted to share summary stats from the Dorkbot web application security service for the past month.

Dorkbot covers 84% of all R1 campuses in the US and many of the top universities across 6 continents (and 67 countries).

[month = MAR 2019]

total campuses subscribed = 946 (+107 campuses compared to previous month)

——————
verified XSS vulnerable pages = 2,515 (+128% compared to previous month)
verified SQLi vulnerable pages = 395 (+171% compared to previous month)
verified LFI vulnerable pages = 35 (+289% compared to previous month)
verified OSi vulnerable pages = 8 (+700% compared to previous month)
verified RFI vulnerable pages = 3 (+0% compared to previous month) 
——————

2,956 total verified vulnerable pages (+134% compared to previous month)        

++++++++++++++++++++++
% of vulnerability breakdown by campus classification
++++++++++++++++++++++

50% - Universities in Other Countries
31% - R1 Campuses
04% - R2 Campuses
04% - Higher Ed Consortiums
03% - M1 Campuses
02% - Baccalaureate Colleges: Arts & Sciences Focus
06% - All Other Entities

++++++++++++++++++++++

signing up for Dorkbot is fast & free. 
please see the following for more information:

https://security.utexas.edu/dorkbot

https://er.educause.edu/blogs/2019/2/dorkbot-a-managed-application-security-assessment-service-for-higher-education

thanks,

~cam.




--
Cam Beasley
Chief Information Security Officer
Information Security Office
The University of Texas at Austin
security () utexas edu | 512.475.9242
http://security.utexas.edu
=======================================

Attachment: smime.p7s
Description:

Previous By Date Next
Previous By Thread Next

Current thread: