abstract |
In a system for determining vulnerabilities associated with a web property, a network accessible server associated with the property is identified. One or more software components/subsystems associated with that server and, optionally, one or more versions of that component/subsystem are identified. For the identified components and versions thereof, vulnerability information is obtained from a database and compiled to determine vulnerability of the web property, without requiring access to any code of the software components/subsystems. |