Educause Security Discussion mailing list archives

Summary Report :: Dorkbot Service [APR 2020-04]


From: Cam Beasley <cam () UTEXAS EDU>
Date: Sat, 2 May 2020 15:27:21 -0500

Howdy all —

We hope you are all staying safe and healthy.

I wanted to share summary stats from the Dorkbot web application security service for Apr-2020.
Also, Dorkbot is now 3 years old (finally outta diapers).. Thanks for all of your help and support!

++++++++++++++++++++++

Dorkbot currently serves over 2,100 higher education institutions, state/local government agencies, school districts and other non-profits from across 7 continents (and 205 countries).

Those served include 99% of all R1, R2, R3, M1, M2 campuses and 100% of HBCUs and US Tribal Colleges.

[month = APR 2020]

Total entities subscribed = 2,155 (+0 compared to previous month)
Total entities with verified vulnerabilities = 473 (22% of subscribers)

——————
Verified XSS vulnerable pages = 3,547 (+45%)
Verified SQLi vulnerable pages = 462 (+41%)
Verified LFI vulnerable pages = 38 (+36%)
Verified RFI vulnerable pages = 00 (-100%) 
Verified OSi vulnerable pages = 03 (+0%)
——————
4,050 total verified vulnerable pages (+44%)    


++++++++++++++++++++++
Vulnerability breakdown by campus classification
++++++++++++++++++++++

55% - Universities in Other Countries
16% - R1 Universities
05% - R2 Universities
05% - Baccalaureate Colleges: Arts & Sciences Focus
05% - Universities in Canada
03% - D/PU Universities
03% - M1 Universities
03% - Education Consortiums
02% - M3 Universities
02% - M2 Universities
01% - All Other US Entities

++++++++++++++++++++++

Signing up for Dorkbot is fast & free. 
You will receive realtime alerts for any verified vulnerabilities along with a custom monthly report.

Please see the following for more information:

 https://security.utexas.edu/dorkbot

Feel free to share the signup page with any campuses, school districts or non-profits that might be able to benefit from this service!


++++++++++++++++++++++

I also wanted to remind folks about ISORA Lite (a free service for shared Vendor assessments).
This leverages EDUCAUSE’s HECVAT standard and there are 50 completed vendor assessments launched by EDUs across the country and another 80 underway.
Thus far there have been 400 unique EDU participants from over 200 campuses.  You can access ISORA Lite via:

 https://lite.isora.saltycloud.com

thanks,

~cam.


--
Cam Beasley
Chief Information Security Officer
Information Security Office
The University of Texas at Austin
security () utexas edu | 512.475.9242
http://security.utexas.edu
=======================================
**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community
