Innovation Brief

SIP Flyer

Student Innovation Project Card

Presentation videos can be found at the following links:

Short SIP: https://youtu.be/70kqYwjmPYs

Long SIP: https://youtu.be/zYbba56l7xE

Here is the Innovation Brief for my University of Advancing Technology Student Innovation Project:
Innovation Brief

Security Scraper

A Content Aggregator for the Security Industry

Devon Stephens
University of Advancing Technology
January 2015 – May 2016

Abstract
The goal of this project is to be a convenient place to view web content feeds for the network security industry. It is meant to save time and frustration while trying to find information about the industry. The project is a website that is built using the WordPress content management platform.

Keywords
Network, security, aggregator, content, scraper, web, API, Twitter, RSS, cyber
Background Information and Prior Art

This project came about because in my opinion there is not one good source for security industry news and information. The goal is to combine the best sources and link to them.
Hak.5 is a monthly web show describes themselves as “hacking in the old-school sense, covering everything from network security, open source and forensics, to DIY modding and the homebrew scene. Then we wrap it all up with a healthy dose of cocktails and geek comedy. Damn the warranties, it’s time to Trust your Technolust” (2015). The quality has definitely improved over time.
SecurityTube.net is a great resource for security education related videos. I wish there was more emphasis on new content instead of the older Originals and Hacks of the Day.
Slashdot.org is the ultimate source for technology news. Only a small percentage of news articles pertain to security but it is usually all good things to be informed about.
Shodanhq.com is a search engine that can locate any device that is connected to the Internet. It bills itself as “…the world’s first computer search engine that lets you search the Internet for computers. Find devices based on city, country, latitude/longitude, hostname, operating system and IP.” (2015)
Threatpost.com is a good security news site. They are run by Kaspersky but the coverage is industry wide and not just on their products.
Brian Krebs posts lots of well written articles on his personal blog at krebsonsecurity.com.
Bruce Schneier also runs a great personal blog at schneier.com with plenty of thought provoking articles.
Project Description and Innovation Claim
I am building a website to aggregate the top sources for security industry content. It will use content feeds such as RSS, Twitter, Facebook, and YouTube to aggregate content. It will be meant for anyone interested in network security.
Usage Scenario
A user would hit the landing page of the site. They would then click on a link for the section they wanted such as Twitter feeds. Then they would see several embedded feeds of top sources in the security industry. The user could then click through to the publisher’s site to get the full link.
Evaluation Criteria
The website should be graded primarily on its usefulness in providing information to the user. The page should be informative and not confusing. There should be as many relevant sources as possible.
Project Logic Model
Goal – The goal of this project is to create a site that aggregates the content of security industry sites.

1. Find content sources for the security industry
a. RSS feeds
b. Twitter feeds
c. Facebook feeds
d. YouTube feeds
2. Build a website to house the content
a. Decide on a name and register a domain
b. Try to find a prebuilt solution such as WordPress
c. Find out how to embed Twitter, RSS, and other feeds
d. Build site and test
3. Additional features
a. Include functionality to allow users to comment on posts
b. Add Portfolio items
Prototype Implementation
The site is built on the WordPress content management platform. There are individual pages for RSS feeds, Twitter feeds, Facebook feeds, YouTube channels, and each Portfolio objective. Each post on the RSS page is a summary of an article with a link to go to the full source page. Content sources include Slashdot, Shodan, Bruce Schneier, Threatpost, Krebs on Security, Exploit Database, SANS Institute, the National Vulnerability Database, SecurityTube, and Bugtraq. The Twitter page contains posts with a summary of an article with a link to go to the full source page. Content sources include Slashdot, Shodan, Bruce Schneier, Threatpost, Krebs on Security, Exploit Database, SANS Institute, and SecurityTube. The Facebook page contains posts with a summary of an article with a link to go to the full source page. Content sources include Slashdot, Shodan, Bruce Schneier, Threatpost, Exploit Database, SANS Institute, and SecurityTube. The YouTube page contains posts with a summary of an article with a link to go to the full source page. Content sources include Threatpost and Paul’s Security Weekly.
Once a user lands on the homepage of www.securityscraper.com, they are presented with a welcome message, recent posts, recent comments, and other links for things such as monthly content archives. They can select the RSS, Twitter, Facebook, and YouTube navigation menu at the top of the page to go to that respective page. Each feed will update at least every 24 hours. The menu also contains links for my portfolio objective completed works.

Evaluation
The primary purpose of the project is in providing information to the user. It is able to provide the major embeddable feed types in an easy to use layout. The number of sources is adequate for a functional prototype although more could be added. The project has successfully met its stated Evaluation Criteria.
Project Completion Assessment
Overall the project prototype has been a success. I have been able to accomplish most of my goals and can be proud of my work. The main goal of the project is in providing information to the user and that goal has been met. Most major content providers have the same types of social media feeds. Including RSS, Twitter, Facebook, and YouTube covers many of the more popular feed types. It would have been nice to other types such as Google+ but this was not currently supported. Using WordPress shortcodes made it very easy to embed the content feeds. Shortcodes are basically code shortcuts that do a lot with a simple snippet of code.
The next steps would be to migrate away from the WordPress platform. There is a very real risk that WordPress will be upgraded to a new version and then compatibility with plugins will be affected. Plugins can also become unsupported over time and you are at the mercy of a third party. There is also very little flexibility in free WordPress themes. The menu structure is too simple and this limits the site appearance and navigation options. This would require more coding skills than I currently have although I am certainly willing to learn. Once the project is moved to a better platform more content sources should be added. There are many quality sources available but adding feeds is manual process.

References

Dice. (2014). Slashdot: News for nerds, stuff that matters. Retrieved from http://slashdot.org/

Hak5, LLC. (2015). Hak5 – Home. Retrieved from http://hak5.org/

Krebs on Security. (2015). Retrieved from krebsonsecurity.com/

Schneier, B. (n.d.). Schneier on Security. Retrieved from https://www.schneier.com/

SecurityTube.net. (2015). Welcome to SecurityTube.net. Retrieved from http://www.securitytube.net/

SHODAN. Retrieved from www.shodanhq.com/

Slashdot.org. (n.d.). Slashdot: News for nerds, stuff that matters. Retrieved from http://Slashdot.org

Threatpost. (2013). Threatpost | The first stop for security news. Retrieved from http://threatpost.com/