Qualys, the security firm, has launched a new open source tool, "BlindElephant."
The BlindElephant tool has been launched as an open source project to let users protect themselves and monitor their web applications.
BlindElephant can accurately fingerprint web applications down to the version level in order to better manage the security issues which now plague such software.
According to Qualys, the need for such a tool is becoming obvious. Web applications, including open source apps, are a huge area of potential vulnerability for most organizations, because it is difficult to assess what is running on a website and at what version.
Qualys, using BlindElephant to assess a range of popular open source web apps running on 1,084,152 hosts, has found extensive vulnerabilities in the apps commonly running on many sites. This is also an area where open source has a strong presence.
BlindElephant does not check for vulnerabilities so much as identify applications with a high degree of accuracy. This was often a problem for admins, Qualys CTO Wolfgang Kandek said, and the source of many problems in dealing with vulnerabilities.