Summary Report :: Dorkbot Service [FEB 2021-02]

["Beasley, Cam" <cam () UTEXAS EDU>]

Howdy all —

I wanted to share summary stats from the Dorkbot web application security service for Feb-2021.

Also, it has now been 4-yrs since we started offering Dorkbot to the public! 
Dorkbot has reported over 134,000 verified significant web application vulnerabilities and we are privileged to be able 
to serve so many entities across the planet.

Thanks for your support over the years!

++++++++++++++++++++++

Dorkbot currently serves over 2,300 higher education institutions, state/local government agencies, school districts 
and other non-profits from across 7 continents (and 205 countries).

Those served include 99% of all R1, R2, R3, M1, M2 Carnegie-class campuses and 100% of HBCUs and US Tribal Colleges.

[month = FEB-2021]

Total entities subscribed = 2,324

——————
Verified XSS vulnerable pages = 3,552 (-15%)
Verified SQLi vulnerable pages = 470 (+2%)
Verified LFI vulnerable pages = 27 (+42%)
Verified OSi vulnerable pages = 0
——————
4,049 total verified vulnerable pages (-13%)    


++++++++++++++++++++++
Vulnerability breakdown by campus classification
++++++++++++++++++++++

53% - Universities in Other Countries
16% - D/PU Universities
09% - R1 Universities
04% - Universities in Canada
04% - R2 Universities
03% - Baccalaureate Colleges: Arts & Sciences Focus
02% - Associates Colleges
02% - M1 Universities
02% - M3 Universities
05% - All Other US Entities

++++++++++++++++++++++
Top 5 Served Countries
++++++++++++++++++++++

United States | Thailand | Canada | Vietnam | Slovakia

++++++++++++++++++++++
Top 5 Served US States
++++++++++++++++++++++

New York | Texas | California | Massachusetts | Michigan 

++++++++++++++++++++++

Signing up for Dorkbot is fast & free. 
You will receive realtime alerts for any verified vulnerabilities along with a custom monthly report.
We can also exclude targets from the service as needed, by: IP address, host name, subdomain or regex string in a URL.

Please see the following for more information:

https://security.utexas.edu/dorkbot

Feel free to share the signup page with any campuses, school districts or non-profits that might be able to benefit 
from this service!

++++++++++++++++++++++
++++++++++++++++++++++

Please also remember ISORA Lite (a free service for shared vendor assessments).
This leverages EDUCAUSE’s HECVAT standard and there are 189 (+6% from previous month) completed vendor assessments 
launched by EDUs across the country and another 24 underway.  

Vendor reporting has been updated and now compares vendors to other vendors in a common vertical.

Thus far there have been 561 unique EDU participants from over 277 campuses.  You can access ISORA Lite via:

https://lite.isora.saltycloud.com

thanks,

~cam.



--
Cam Beasley (he/him/his)
Chief Information Security Officer
Information Security Office
The University of Texas at Austin
security () utexas edu | 512.475.9242
http://security.utexas.edu
=======================================


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Attachment: smime.p7s
Description: