Some embodiments provide a self-configuring firewall for automatic detection and mitigation of security weaknesses. The self-configuring firewall performs passive and active vulnerability detection. Passive detection involves scanning software resources and configurations under firewall protection for vulnerabilities present in the software and software configurations. Active detection identifies vulnerabilities by subjecting the software resources and configurations to simulated malicious traffic. The identified vulnerabilities are mapped to attack signatures. The self-configuring firewall enables the attack signatures which in turn allow the firewall to detect traffic containing attacks directed to exploiting the vulnerabilities.