VulnXplorer

Knowledge Base

Understand the concepts behind vulnerability management and how VulnXplorer works.

The Device Ecosystem Hierarchy

VulnXplorer models your technology stack as a layered hierarchy. Each layer represents a different level of your infrastructure, and vulnerabilities at any layer can affect everything above it.

The Five Layers

Device
  └── Operating System
        └── Virtualization (optional)
              └── Application
                    └── Plugin / Extension

Device is the physical or virtual hardware: a laptop, server, phone, IoT sensor, or network appliance. Devices define the foundation — they determine which operating systems can run on them.

Operating System is the software that manages the hardware: Windows 11, Ubuntu 22.04, macOS Sonoma, iOS 17, or Android 14. The OS is often the largest attack surface because it includes hundreds of built-in components.

Virtualization is an optional layer for containers and hypervisors: Docker, Kubernetes, VMware ESXi, or Hyper-V. When present, it sits between the OS and the applications running inside it. Not every stack has this layer.

Application is the software installed on top: web servers (Nginx, Apache), databases (PostgreSQL, MySQL), browsers (Chrome, Firefox), or productivity tools (VS Code, Slack). Most vulnerabilities that users encounter are at this level.

Plugin / Extension is an add-on within an application: WordPress plugins (WooCommerce, Yoast), browser extensions, or IDE plugins. Plugins are often written by third parties with less security review, making them a frequent source of vulnerabilities.

Why the Hierarchy Matters

The hierarchy mirrors how attacks actually work. An attacker who compromises a plugin can often escalate to the application, then the OS, and potentially the entire device. When VulnXplorer shows you a vulnerability in a plugin, it also knows which application, OS, and device are at risk — giving you the full blast radius.

How This Maps to Your Graph

In the Graph View (Device Builder), each layer appears as a node connected by edges. You build the tree top-down: start with a Device node, connect an OS beneath it, then add Applications as children of the OS. The graph visually shows these parent-child relationships so you can see your entire stack at a glance.

Examples

Web Server Stack:

Dell PowerEdge R740
  └── Ubuntu 22.04 LTS
        └── Docker 24.0
              ├── Nginx 1.25
              ├── PostgreSQL 16
              └── Redis 7.2

Developer Workstation:

MacBook Pro M3
  └── macOS Sonoma 14.4
        ├── Chrome 122
        │     └── uBlock Origin
        ├── VS Code 1.87
        │     └── Python Extension
        ├── Docker Desktop 4.28
        └── Slack 4.36

Mobile Device:

iPhone 15
  └── iOS 17.4
        ├── Safari
        ├── Signal 7.0
        ├── Microsoft Outlook
        └── 1Password 8.10