A: Great question. Yes — Rafter scans against authoritative, actively maintained vulnerability sources, including CVE data, vendor advisories, operating-system security feeds, and ecosystem-specific vulnerability databases.

This means results are not based only on our own discretion or a static internal list. They are grounded in reputable external security intelligence sources that are continuously maintained by software vendors, security researchers, and the broader open-source security community.

Our vulnerability database is refreshed every 6 hours, so scans stay aligned with newly published vulnerabilities and updated advisories throughout the day. In addition, we continuously add and tune detection rules for specific technologies, frameworks, and customer-requested use cases, such as WordPress plugins, CMS components, dependencies, and commonly exploited software.

These detection-rule updates are typically made on a daily to weekly basis, depending on priority and complexity. We also keep refining checks to reduce false positives and improve result quality.

So yes, Rafter is designed to stay current: it uses reputable external vulnerability intelligence, updates that data multiple times per day, and continuously improves its detection logic as new vulnerabilities, advisories, and software ecosystems evolve.