In recent years, problems have arisen concerning unauthorized activities of acquiring personal information from WEB application systems through maliciously attacking vulnerability in WEB applications. To address these problems, proposal has been made of a system of detecting attack patterns to the WEB applications and blocking the attack using, for example, web application firewall (WAF) to prevent leakage of personal information.
Further, a technique of diagnosing vulnerable portions in the WEB application in advance is proposed to improve the security of the WEB application. For example, Patent Document 1 below proposes to identify an inspection item corresponding to a given parameter using a setting file indicating a correspondence between parameters to be inspected and inspection items when the parameter is given, thereby performing the inspection process in terms of vulnerability.