Monitor the technology in use on your attack surface.
The Technology section gives you detailed information on platforms, applications, firewall services, and software that was identified during scanning, including frameworks, plugins and more.
- Monitor software and third party integrations to gain deeper insight into how your web applications are connected to third party assets.
- Reduce complexity by eliminating the use of multiple versions and ensuring that patching schedules are adequately maintained.
- Discover shadow IT services that have not been properly vetted.
- Identify out of date software and versions that contain publicly disclosed vulnerabilities.
Technology is detected in a number of ways while crawling the website such as through fingerprinting scripts, headers, and cookies. We classify technology into 4 types, each with their own sub-categories:
Platforms are 3rd party infrastructure and applications such as CDNs, ticketing/support applications, and content management systems.
- Hosting: Hosting services for websites, ticketing systems, etc.
- CDN: Content delivery networks such as Cloudflare and Akamai.
- DNS: Third-party DNS services like AWS Route53.
- Email: Email providers and services.
- Authentication: Authentication services like Google Sign In and Auth0.
- Other: Other types of platforms.
Firewall services that were identified on your network.
- Web: HTTP servers and proxies.
- DNS: DNS services like resolvers and caching servers.
- Database: Database systems like MySQL.
- Mail: Mail services like SMTP, POP3, and IMAP.
- Access: Services used to access network resources like VPNs and SSH.
- Other: Other network services.
Scripts that are being used by the site, including analytics/tracking products, ecommerce platforms, and others.
- Framework: Web frameworks, components, and libraries.
- Analytics: Scripts that are used for analytics and metrics.
- Widget: 3rd party integrations that typically have a graphical component on the site.
- Social: Social media integrations like Facebook, Twitter, and Pinterest.
- Platform: Platform integrations for marketing, e-commerce, and others.
Frameworks represent the technology or programming language used to build the web application.
- CMS: Content Management Systems like blogs and educational platforms.
- Framework: Development frameworks used to build the web application.
- Module: Plugins, modules, and add-ons for software.
- Language: The development language of the website.
- Other: Other types of software
We associate Technology with a number of important facets:
- Type represents the classification of the Technology.
- Category represents the specific function that the Technology performs.
- Scripts that identified an application.
- Cookies that identified an application.
- Firewall ports where an application was identified from its banner or other fingerprinting techniques.
For applications and software exposed on the firewall that have a detected version, risk recommendations are made based on Recommended, Clean, Vulnerable, and Obsolete versions.
- High (● Red):
- Assigned when the detected version is less than or equal to the Obsolete version.
- Medium (● Yellow):
- Assigned when the detected version is less than the Clean version.
- Low (● Green):
- Assigned when the detected version matches the Recommended or Clean version.
- Recommended: The latest release of the product.
- Clean: Older versions of the product that are free from any publicly known vulnerabilities.
- Vulnerable: Older versions of the product that have known vulnerabilities.
- Obsolete: Obsolete or deprecated versions of product that are no longer maintained or have critical security issues.
Technology is assigned a Popularity rating and displayed with a chart. Popularity is calculated by determining how common the technology is across previous scans where it has been identified.
In addition to showing the prevalence of a given Technology, the Technology > List view also displays how common a particular version is.
Halo Security maintains an updated database of Common Vulnerabilities and Exposures (CVE). These are known security threats and vulnerabilities that have been reported to software vendors. In cases where a Technology version is identified, the version is compared to the CVE database to provide you an accurate listing of known vulnerabilities you are exposed to.
CVE listings will provide links to the security advisories which will contain more information about vulnerable configurations and in most cases, steps to remediate or upgrade the software to a secure version.