Educause Security Discussion mailing list archives
Summary Report :: Dorkbot Service [OCT 2019-10]
From: Cam Beasley <cam () UTEXAS EDU>
Date: Fri, 1 Nov 2019 10:14:14 -0500
hello all — I wanted to share summary stats from the Dorkbot web application security service for the past month. ++++++++++++++++++++++ Dorkbot currently serves over 1,700 higher education institutions, state/local government agencies and other non-profits from across 7 continents (and 155 countries). Those served include 99% of all R1, R2, R3, M1 campuses and 100% of HBCUs. [month = OCT 2019] Total entities subscribed = 1,742 (+141 compared to previous month) Total entities with verified vulnerabilities = 561 (32% of subscribers) —————— Verified XSS vulnerable pages = 5,067 (-27%) Verified SQLi vulnerable pages = 516 (-48%) Verified LFI vulnerable pages = 53 (-48%) Verified RFI vulnerable pages = 12 (+0%) Verified OSi vulnerable pages = 4 (-79%) —————— 5,652 total verified vulnerable pages (-30%) ++++++++++++++++++++++ Vulnerability breakdown by campus classification ++++++++++++++++++++++ 50% - Universities in Other Countries 10% - Universities in Canada 21% - R1 Universities 06% - R2 Universities 03% - D/PU Universities 03% - M1 Universities 02% - Baccalaureate Colleges: Arts & Sciences Focus 02% - State Agencies 03% - All Other US Entities ++++++++++++++++++++++ Signing up for Dorkbot is fast & free. You will receive realtime alerts for any verified vulnerabilities along with a custom monthly report. Please see the following for more information: https://security.utexas.edu/dorkbot https://er.educause.edu/blogs/2019/2/dorkbot-a-managed-application-security-assessment-service-for-higher-education Feel free to share the signup page with any campuses, school districts, or non-profits that might be able to benefit from this service. thanks, ~cam. -- Cam Beasley Chief Information Security Officer Information Security Office The University of Texas at Austin security () utexas edu | 512.475.9242 http://security.utexas.edu ======================================= ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Attachment:
smime.p7s
Description:
Current thread:
- Summary Report :: Dorkbot Service [OCT 2019-10] Cam Beasley (Nov 01)
- Re: Summary Report :: Dorkbot Service [OCT 2019-10] Irigoyen, Alex (Nov 11)