Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Summary Report :: Dorkbot Service [JUN 2019-06]

From: Cam Beasley <cam () UTEXAS EDU>
Date: Mon, 1 Jul 2019 08:32:54 -0500
hello all —

i wanted to share summary stats from the Dorkbot web application security service for the past month.

++++++++++++++++++++++

Dorkbot currently serves over 1,200 higher education institutions, state/local government agencies and other 
non-profits from across 6 continents (and 100 countries).
Those served include 94% of all R1 campuses, 99% of R2 campuses and 100% of HBCUs.

[month = JUNE 2019]

total campuses subscribed = 1,210 (+180 campuses compared to previous month)

——————
verified XSS vulnerable pages = 1,594 (-47% compared to previous month)
verified SQLi vulnerable pages = 212 (-42% compared to previous month)
verified LFI vulnerable pages = 14 (-30% compared to previous month)
verified OSi vulnerable pages = 06 (-60% compared to previous month)
verified RFI vulnerable pages = 00 (-100% compared to previous month) 
——————
1,826 total verified vulnerable pages (-42% compared to previous month) 


++++++++++++++++++++++
% of vulnerability breakdown by campus classification
++++++++++++++++++++++

40% - Universities in Other Countries
16% - R1 Universities
08% - R2 Universities
07% - Baccalaureate Colleges: Arts & Sciences Focus
05% - Higher Ed Consortiums
05% - M1 Universities
04% - State Agencies
03% - D/PU Universities
03% - M2 Universities
02% - Universities in Canada
07% - All Other Entities

++++++++++++++++++++++

Signing up for Dorkbot is fast & free. 
You will receive realtime alerts for any verified vulnerabilities along with a custom monthly report.

Please see the following for more information:

    https://security.utexas.edu/dorkbot

    https://er.educause.edu/blogs/2019/2/dorkbot-a-managed-application-security-assessment-service-for-higher-education

Please note that many smaller campuses in your area may not be as well connected to this community. 
Feel free to share the signup page with any such campuses you might be associated that could benefit from this service.

thanks,

~cam.



--
Cam Beasley
Chief Information Security Officer
Information Security Office
The University of Texas at Austin
security () utexas edu | 512.475.9242
http://security.utexas.edu
=======================================

Attachment: smime.p7s
Description:

Previous By Date Next
Previous By Thread Next

Current thread: