About Vulnerabilities
Seeker provides a comprehensive collection of information and tools that enable you to explore, analyze, manage, and remediate security vulnerabilities detected in your applications.
The following table provides some background on vulnerabilities and introduces the terminology that Seeker uses when working with them.
Term | Definition |
---|---|
Vulnerability | An unintended flaw in an application or a system that leaves it open to exploitation, in the form of unauthorized access or malicious behavior, which might compromise the integrity or privacy of the application's data and harm its users and assets. Examples: cross-site scripting, SQL injection, weak encryption. |
Checker | A Seeker component that detects one type of vulnerability by analyzing the information collected by an Agent. |
Active Verification | A mechanism implemented by Seeker that improves the accuracy of vulnerability detection by eliminating false positives. When a vulnerability is detected, Seeker verifies it by generating and analyzing a similar HTTP request whose parameter values are tailored for verification. If that request is also found vulnerable, the original detection is tagged as verified by Seeker. For background, see About Active Verification. |
Severity level | A measure of the potential harm caused by a vulnerability: Critical, High, Medium, Low, or Info. Seeker assigns severity levels according to the classifications in security standards. |
Owner | The person responsible for handling a vulnerability. |
Ticket | A ticket created for handling a vulnerability in a bug-tracking system (Jira). |
Tag | A label attached to a vulnerability. Seeker supplies the system tags Verified by Seeker, Invalidated by Seeker, and Tracked; the last of these indicates that a ticket has been opened in a bug-tracking system. In addition to the system tags, users can define and apply their own custom tags. |
Triage | Triaging a vulnerability means assigning it an owner, a status, and a severity. Seeker supplies a number of out-of-the-box vulnerability statuses, and administrators can configure custom statuses. For more information, see Out-of-the-box Vulnerability Statuses. |
Seeker collects vulnerability detections reported by the Agents and displays them in the Vulnerabilities page. A single vulnerability is identified by its type, URL, and code location. Multiple detections of the same vulnerability are aggregated into one record.
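The two mechanisms described on this page, aggregation of detections into one record keyed by type, URL and code location, and Active Verification as a replay of the detected request with a tailored parameter value, can be illustrated with a small simulation. The code below is an added example and is not Seeker's implementation: the three request handlers standing in for an instrumented application, the probe format, the sample detections, and the use of the system tag names as plain strings are all assumptions made for illustration. It shows why verification removes false positives: a concatenated query lets the tailored value reach the SQL sink intact and is tagged verified, whereas an escaping or parameterized handler does not and is tagged invalidated.

```python
"""Added illustration of detection aggregation and active verification in the IAST style.
Example code, not Seeker's own; handlers, probe format and sample data are constructed."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set, Tuple
import uuid


@dataclass(frozen=True)
class Detection:
    """One detection as an Agent might report it (constructed shape, not Seeker's)."""
    vuln_type: str
    url: str
    code_location: str   # e.g. "module.py:line"
    param: str           # the request parameter that was found tainted
    observed_value: str  # the value seen in the original request


@dataclass
class VulnerabilityRecord:
    vuln_type: str
    url: str
    code_location: str
    detections: List[Detection] = field(default_factory=list)
    tags: Set[str] = field(default_factory=set)


def aggregate(detections: List[Detection]) -> Dict[Tuple[str, str, str], VulnerabilityRecord]:
    """Collapse all detections sharing (type, URL, code location) into a single record."""
    records: Dict[Tuple[str, str, str], VulnerabilityRecord] = {}
    for d in detections:
        key = (d.vuln_type, d.url, d.code_location)
        records.setdefault(key, VulnerabilityRecord(*key)).detections.append(d)
    return records


# Constructed stand-in for the instrumented application. Each handler returns the query
# text exactly as the database driver (the sink) receives it.
def search_concat(params: Dict[str, str]) -> str:
    return "SELECT * FROM items WHERE name = '" + params["q"] + "'"   # injectable


def search_escaped(params: Dict[str, str]) -> str:
    return "SELECT * FROM items WHERE name = '" + params["q"].replace("'", "''") + "'"


def search_param(params: Dict[str, str]) -> str:
    _bound = (params["q"],)                      # value is bound separately, never in the text
    return "SELECT * FROM items WHERE name = ?"


APP: Dict[str, Callable[[Dict[str, str]], str]] = {
    "/search": search_concat,
    "/legacy/search": search_escaped,
    "/v2/search": search_param,
}


def build_probe(vuln_type: str, marker: Optional[str] = None) -> Tuple[str, str]:
    """Tailor the replay value to the vulnerability class; the marker keeps it unique."""
    marker = marker or "vfy" + uuid.uuid4().hex[:8]
    if vuln_type == "SQL Injection":
        return marker, "x'" + marker          # an unescaped quote must survive to the sink
    if vuln_type == "Cross-Site Scripting":
        return marker, "<" + marker + ">"     # angle brackets must survive to the response
    raise ValueError("no verification probe defined for " + vuln_type)


def actively_verify(rec: VulnerabilityRecord, app=APP, marker: Optional[str] = None) -> bool:
    """Replay the detected request with the tailored value and inspect what reaches the sink.
    Verified only if the probe arrives intact; escaping or parameterization invalidates it."""
    d = rec.detections[0]
    _, probe = build_probe(d.vuln_type, marker)
    sink_text = app[d.url]({d.param: probe})
    verified = probe in sink_text
    rec.tags.add("Verified by Seeker" if verified else "Invalidated by Seeker")
    return verified


# Constructed sample detections: two for the same vulnerability, one each for two others.
SAMPLE = [
    Detection("SQL Injection", "/search", "shop/search.py:42", "q", "lamp"),
    Detection("SQL Injection", "/search", "shop/search.py:42", "q", "o'neil"),
    Detection("SQL Injection", "/legacy/search", "shop/legacy.py:18", "q", "lamp"),
    Detection("SQL Injection", "/v2/search", "shop/search_v2.py:7", "q", "lamp"),
]


def triage_sample():
    """Aggregate the sample, verify each record, return (url -> verified?, records)."""
    records = aggregate(SAMPLE)
    return {rec.url: actively_verify(rec) for rec in records.values()}, records


if __name__ == "__main__":
    results, records = triage_sample()
    for rec in records.values():
        print(rec.url, len(rec.detections), "detection(s)", sorted(rec.tags))
```

Running the module prints one line per aggregated record: the concatenated `/search` handler ends up tagged Verified by Seeker with two detections folded into it, while the escaping and parameterized handlers are tagged Invalidated by Seeker because the quote in the probe never reaches the sink unaltered.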