Made in Austin

Just five years ago, the University of Texas’ technology team spent their lunch breaks “hacking” Google to find vulnerabilities on the school’s website.

It’s also known as “Google dorking,” a technique often used by security teams — and even criminals — to manipulate search engines in a way that finds unprotected information.

“We would sit around during lunch as a team, finding these things manually,” said Cam Beasley, chief information security officer at UT’s Information Security Office. “We realized, wow, we could automate this.”

The team created “Dorkbot,” an automated Google dorking system that was extended to all UT System campuses by 2016.

And one year later, the security team made Dorkbot available at no cost to higher education institutions across the world. Its source code is also available for institutions that want to contribute to the project or operate Dorkbot on their own.

“We knew that a number of campuses were short on staff, short on resources and needed to have this capability,” Beasley said.

Now, more than 1,000 campuses across six continents have subscribed to the service, including almost every institution in Texas, according to Beasley.

Dorkbot reported more than 26,400 high-risk web application vulnerabilities in 2018.

The system sends automated reports to each campus, allowing security teams to review vulnerabilities on their web applications and compare their security to similar sized institutions.

"It's a very interesting look at your campus with more perspective," Beasley said.

And JJ Guy, chief operating officer of Austin-based cybersecurity firm Jask, said Dorkbot is a useful tool because similar tools are not well-suited for higher education institutions. Other tools are often pricey or the product capability doesn't work.

Jask does not name its customers, but Guy said all three of the company’s higher education customers integrate Dorkbot with Jask tools. The customers are a university in Texas, a university in Canada and a state board of education in the western U.S.

READ MORE: Cybersecurity firm Jask makes Austin sole headquarters

Although there's no formal relationship between Jask and Dorkbot, Guy said the automated tool has been helpful for the company's higher education customers.

"There's some commercial tools out there that help provide companies the ability to do this, but they're expensive," Guy said. "The pricing models just don't work for higher education."

Jim O'Gorman, chief content and strategy officer at Offensive Security, noted that a tool like Dorkbot can't be used alone for security.

"You'd back that up with manual efforts to read and interpret the results of the tool," O'Gorman said. "When you're doing a deep dive, you're never going to just rely on only Dorkbot."

Offensive Security offers courses for information security professionals to proactively test security measures, which O'Gorman said dives into what a human can do to offset potential hacks.

Although Dorkbot is just one stage of preventing an attack on a web application, the team at UT saw the number of Dorkbot subscribers double from 250 in 2017 to more than 500 in 2018.

And Dorkbot's data showed that the vulnerability risk for long-term subscribers during that time decreased by roughly 55 percent.

“Nothing that we know of that does this,” Beasley said, adding that there are similar tools available for purchase, but “nothing that we’ve seen that’s as elegant or efficient as what we do.”