Project Global Universities (PGU) is an initiative dedicated to identifying and addressing unpatched security vulnerabilities within university systems worldwide. By conducting thorough scans of various academic institutions, the project aims to enhance cybersecurity and protect sensitive educational data from potential threats. This proactive approach not only strengthens individual universities' defenses but also contributes to a safer global higher education network by sharing insights and best practices across institutions.
Universities play a crucial role in society. They push limits with their research and educate tomorrow's professionals, but they also have a lot of valuable (and potentially sensitive) data which is an attractive target for cyber criminals.
For now, we will focus our efforts on Universities in the Netherlands, but eventually we hope to expand our scope to the rest of Europe and eventually, the world.
CSIRT.global aims to research vulnerabilities in the publicly available assets of universities. We use publicly available sources to find assets and assess if they are vulnerable. If we find something vulnerable, we will report it to the university so that they can fix it before a malicious actor finds the vulnerabilitiy.
Our main priority is to make the digital world a safer place, but this project is also a great internship for students. They learn how to use security tools, how to responsibly disclose a vulnerability and how to communicate professionally. By letting students do this, we train future security experts while helping universities increase their digital safefty.
In 2024, DIVD had a project called Global NGO's. After a discussion on if universities should belong to the scope of that project, it was decided that universities should have their own project.
In 2025, we started with the project with the universities in the netherlands as scope. We scanned on our own initiative after informing the universities. Our students reported several vulnerabilities to the universities. We learned a lot from the things that didn't work well the first time around.
We will keep improving our process. When we are ready, we will expand the scope to Europe and eventually the world. We are also considering setting up similar projects for other forms of education.
This project is being done by volunteers, students and interns from CSIRT.global, DIVD Academy and DIVD Works. These organisations are part of the DIVD family and work together closely
We are preparing and onboarding the team at this moment. :-)
