In computer security, the term vulnerability refers to a weakness in a computer system that allows an attacker to violate the integrity of that system. Vulnerabilities may result from software bugs, a computer virus or other malware, a script code injection, a structured query language (SQL) injection, and/or other techniques. A vulnerability may exist in theory, or may have a known instance of an exploit.
Traditional vulnerability scanning, assessment, and management software has been implemented in a network-centric fashion. Although host-based vulnerability scanning, assessment, and management software exists, these host-based implementations are typically managed implementations. Additionally, these host-based implementations typically have a patch management or policy violation focus.
Such managed implementations often require regular updating and maintenance. Furthermore, these implementations often evaluate dormant, unused applications without considering the possibility of these applications never opening an attack vector to exploit a vulnerability of the host system. There is thus a need for overcoming these and/or other issues associated with the prior art.