CN107277021A - A kind of new open leak coverage identification and remediation management system and method - Google Patents

A kind of new open leak coverage identification and remediation management system and method Download PDF

Info

Publication number
CN107277021A
CN107277021A CN201710490812.2A CN201710490812A CN107277021A CN 107277021 A CN107277021 A CN 107277021A CN 201710490812 A CN201710490812 A CN 201710490812A CN 107277021 A CN107277021 A CN 107277021A
Authority
CN
China
Prior art keywords
leak
information
assets
reparation
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710490812.2A
Other languages
Chinese (zh)
Inventor
肖鹏
苏永东
赵晓平
吴晟
黄祖源
张睿
宋春
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information Center of Yunnan Power Grid Co Ltd
Original Assignee
Information Center of Yunnan Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information Center of Yunnan Power Grid Co Ltd filed Critical Information Center of Yunnan Power Grid Co Ltd
Priority to CN201710490812.2A priority Critical patent/CN107277021A/en
Publication of CN107277021A publication Critical patent/CN107277021A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Economics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computing Systems (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • Game Theory and Decision Science (AREA)
  • Educational Administration (AREA)
  • Development Economics (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses a kind of new open leak coverage identification and remediation management system and method, gather the assets information in management and control devices in real time including assets information acquisition module, new open leak acquisition module obtains new open vulnerability information in real time, leak influences detection module to detect impacted assets according to the assets information and vulnerability information of acquisition, leak repairs suggestion module, impacted assets information and vulnerability information according to detecting download redaction patch and generate reparation order automatically, workflow management module is verified in leak reparation, the impacted assets information and leak of detection module offer is influenceed to repair reparation order progress leak reparation and checking that suggestion module is provided according to leak.The embodiment of the present invention can greatly shorten leak from the real-time limit for being found to reparation, reduce the open-assembly time of information system by being obtained, being matched to assets information and vulnerability information in real time and issue processing work order in time according to matching result.

Description

A kind of new open leak coverage identification and remediation management system and method
Technical field
The present invention relates to information security field, more particularly to a kind of new open leak coverage identification and remediation management system System and method.
Background technology
The information-based important force globalized as promoting, profoundly changes the life of people.Cyberspace and Actual life is closely coupled, constitutes an open complicated huge system, and information security turns into influence cyberspace health hair The key factor of exhibition.Internet computer quantity and web-based applications are developed rapidly, make various cyberspaces safety problem, It is increasingly sophisticated that security context becomes.Either the network security strategy of State-level or the information security of social aspect are prevented Shield, information security leak turns into one of key problem of attacking and defending both sides' game, constantly exposed information security leak and information Security incident generates direct influence to vast ruck.
In face of complicated IT environment and ever-increasing information security leak, existing leak investigation-reparation side of enterprise Method is generally artificial investigation-reparation, and idiographic flow is:The main stream website that staff periodically goes leak to issue checks that leak is issued Situation, according to the vulnerability information newly issued investigate software that the whole users of enterprises are installed whether with the leak class newly issued Type, version match, when the type, version when new open leak match further according to leak in the restoration information that carries download phase The patch answered simultaneously is installed, and corresponding software is verified after patch is installed, so that it is determined that whether leak is repaiied Finish again.
However, in existing leak investigation-restorative procedure, the time that single leak is completed from circular, investigation to reparation Will be in terms of day, it is difficult to accomplish quick reparation, due to longer repairing efficiency, also mutually strained to the attack time that attacker leaves Long, the information security to enterprises causes strong influence.
The content of the invention
To overcome problem present in correlation technique, following technical scheme is disclosed:
First aspect there is provided a kind of new open leak coverage identification and remediation management system, including:
Assets information acquisition module, for gathering the assets information in management and control devices;
New open leak acquisition module, for obtaining newest disclosed vulnerability information;
Leak influences detection module, for detecting impacted money according to the assets information and vulnerability information that collect Production;
Leak repairs suggestion module, for downloading new edition automatically according to the impacted assets information and vulnerability information that detect This patch simultaneously generates reparation order;
Workflow management module is verified in leak reparation, for influenceing the impacted assets that detection module is provided according to the leak Information and the leak repair redaction patch and reparation order progress leak reparation and the checking that suggestion module is provided;
The assets information acquisition module and new open leak acquisition module respectively connect the leak influence detection Module and leak repair suggestion module, and the leak influence detection module and leak repair suggestion module and connect the leak respectively Repair checking workflow management module.
Alternatively, the leak reparation checking workflow management module also includes:
Work order workflow management module, for being influenceed the impacted assets information and leak of detection module offer to repair according to leak Reparation order generation and issue leak disposal work order that multiple suggestion module is provided;
Inspection module is repaired, is tracked for disposing checking after work order state is repaired according to the leak with overall flow Examination.
Alternatively, the reparation inspection module includes:
Automation, which is repaired, examines submodule, for carrying out key reparation checking for user;
Self-defined repair examines submodule, for carrying out self-defined reparation checking for user.
Second aspect there is provided a kind of new open leak coverage identification and remediation management method, including:
Obtain the assets information of management and control devices and preserve to local assets information storehouse, wherein, the assets information includes institute State software and hardware title, version and the module information of management and control devices installation;
Newest open vulnerability information is obtained, the vulnerability information is parsed and formatted, and by the leakage after formatting Hole information is preserved to local vulnerability database;
By shadow in management and control devices described in coverage Data Detection in the assets information and the vulnerability information Ring assets;
Restoration information in the impacted assets and the vulnerability information is downloaded redaction patch and generated automatically The reparation order of the correspondence redaction patch;
Leak reparation is carried out according to the redaction patch and reparation order.
Alternatively, the assets information for obtaining management and control devices includes:
Performed by client proxy, safety shell protocol SSH orders, configuration file is parsed and Simple Network Management Protocol Software and hardware title, version and module information that SNMP mode taken at regular intervals management and control devices are installed.
Alternatively, the newest open vulnerability information of the acquisition includes:
Continue to obtain newest open vulnerability information from default vulnerability information issuing web site by web crawlers.
Alternatively, the impacted money of the coverage Data Detection in the assets information and the vulnerability information Production includes:
The local vulnerability database and local assets information storehouse are persistently detected, when the local vulnerability database and local assets information When any data changes in storehouse, the data to change are read out and matched one by one.
Alternatively, it is described when any data changes in the local vulnerability database and local assets information storehouse, one by one Data to change are read out and matched, including:
When the local vulnerability database increases leak newly, detect in the local asset library and whether there is and the newly-increased leak The assets of same type;
If in the presence of the assets with the newly-increased leak same type, judge the same type asset version whether with it is described The version information that newly-increased leak is carried is consistent;
If the asset version of the same type is consistent with the version information that the newly-increased leak is carried, judge described newly-increased Whether leak has been repaired;
If the newly-increased leak is not repaired, send leak and do not repair instruction;
Or,
When the local asset library new assets, detect in the local vulnerability database and whether there is and the new assets The leak of same type;
If in the presence of the leak with the new assets same type, judge the new assets version whether with it is described same The version information that the leak of type is carried is consistent;
If the version of the new assets is consistent with the version information that the leak of the same type is carried, judge described new Spend more money on whether production has repaired;
If the new assets is not repaired, send leak and do not repair instruction.
Alternatively, it is described to be included according to the redaction patch and reparation order progress leak reparation:
Ordered according to the redaction patch and reparation, generate and issue leak disposal work order;
Checking and overall flow follow-up check after work order state is repaired are disposed according to the leak.
Alternatively, checking includes key reparation checking after the reparation and self-defined repair is verified.
New open leak coverage identification provided in an embodiment of the present invention is adopted with remediation management system including assets information Collect module, new open leak acquisition module, leak influence detection module, leak and repair suggestion module and leak reparation checking stream Thread management module, assets information acquisition module gathers the assets information in management and control devices in real time, and new open leak acquisition module is real When obtain new open vulnerability information, leak influences detection module to detect impacted according to the assets information and vulnerability information of acquisition Assets, leak repairs suggestion module, and redaction patch is downloaded automatically according to the impacted assets information and vulnerability information that detect And reparation order is generated, leak reparation checking workflow management module influences the impacted assets that detection module is provided according to leak Information and leak repair the reparation order progress leak reparation and checking that suggestion module is provided.The embodiment of the present invention passes through real-time Assets information and vulnerability information are obtained, matched and processing work order is issued in time according to matching result, can greatly be contracted Short leak reduces the open-assembly time of information system from the real-time limit for being found to reparation.
Brief description of the drawings
In order to illustrate more clearly of technical scheme, letter will be made to the required accompanying drawing used in embodiment below Singly introduce, it should be apparent that, for those of ordinary skills, without having to pay creative labor, Other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is a kind of new open leak coverage identification provided in an embodiment of the present invention and the structure of remediation management system Schematic diagram;
Fig. 2 is a kind of new open leak coverage identification provided in an embodiment of the present invention and the flow of remediation management method Figure;
Fig. 3 is a kind of flow chart for the method for detecting impacted assets provided in an embodiment of the present invention.
Embodiment
In order that those skilled in the art more fully understand the technical scheme in the present invention, below in conjunction with of the invention real The accompanying drawing in example is applied, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described implementation Example only a part of embodiment of the invention, rather than whole embodiments.
It is a kind of new open leak coverage identification provided in an embodiment of the present invention and remediation management system referring to Fig. 1 Structural representation, as shown in figure 1, new open leak coverage identification provided in an embodiment of the present invention and remediation management system Including a kind of new open leak coverage identification and remediation management system, including:
Assets information acquisition module, assets information acquisition module is connected with information system or management and control devices, for collection tube Control the assets information in equipment.
New open leak acquisition module, new open leak acquisition module is connected with well-known leak shared platform, for obtaining Newest disclosed vulnerability information, can in order to guarantee the information for obtaining new leak in the shortest time after new leak is issued To connect individual leak shared platform, the time difference that each leak shared platform is distributed leak is made up.
Leak influences detection module, for detecting impacted assets according to the assets information and vulnerability information that collect. The relevant information of leaky targeted dbase, version model and leak patch is included in vulnerability information, passes through detection It whether there is in management and control devices with whether new openly leak identical software and software version model unanimously judge whether to deposit In impacted assets.
Leak repairs suggestion module, for downloading new edition automatically according to the impacted assets information and vulnerability information that detect This patch simultaneously generates reparation order, due to including patch information in vulnerability information, therefore, is deposited when detecting in management and control in equipment Corresponding patch can be downloaded automatically according to vulnerability information when with the assets that vulnerability information matches.
Workflow management module is verified in leak reparation, for influenceing the impacted assets information that detection module is provided according to leak Redaction patch and reparation order progress leak reparation and the checking that suggestion module is provided are repaired with leak, is repaiied according to leak Redaction patch that multiple suggestion module is provided and repair order and carry out after leak reparation, in order to ensure leak carried out it is intact Reparation also needs to carry out leak, that is, weighs the leak present in new attack assets, prove that leak has been repaired if it can not break through Complete.
Assets information acquisition module and new open leak acquisition module respectively connect leak influence detection module and leakage Suggestion module is repaired in hole, and leak influence detection module and leak repair suggestion module and connect leak reparation checking workflow management respectively Module.
The embodiment of the present invention also includes:Work order workflow management module, for according to leak influence detection module provide by Influence assets information and leak repair the reparation order generation of suggestion module offer and issue leak disposal work order;
Inspection module is repaired, is examined for disposing checking after work order state is repaired according to leak with overall flow tracking Core.
In addition, the demand in order to meet a variety of users, repairing inspection module includes:
Automation, which is repaired, examines submodule, for carrying out key reparation checking for user;
Self-defined repair examines submodule, for carrying out self-defined reparation checking for user;
User can be that key reparation checking or self-defined repair are verified according to the selection of respective demand.
The embodiment of the present invention additionally provides a kind of new open leak coverage identification and remediation management method, it is adaptable to this New open leak coverage identification and remediation management system that inventive embodiments are provided.
It is a kind of new open leak coverage identification provided in an embodiment of the present invention and remediation management method referring to Fig. 2 Flow chart, as shown in Fig. 2 new open leak coverage identification provided in an embodiment of the present invention and remediation management method bag Include:
S10:Obtain the assets information of management and control devices and preserve to local assets information storehouse, wherein, assets information includes pipe Control software and hardware title, version and module information that equipment is installed.
Pacified by mode taken at regular intervals management and control devices such as client proxy, ssh orders execution, configuration file parsing, SNMP The software and hardware title of dress, version, module information, the configuration for being then converted into key-value forms record and are saved in local money Produce in information bank, its form is as follows:
S20:Newest open vulnerability information is obtained, vulnerability information is parsed and formatted, and by the leakage after formatting Hole information is preserved to local vulnerability database.
New open leak acquisition module continues to obtain newest disclosure from default vulnerability information issuing web site by web crawlers Vulnerability information, formats after parsing and preserves to local vulnerability database, its form is as follows:
If Fix_info methods are that there is provided patch title or ID by Patch;If method is that there is provided need more by Update The version newly arrived;If method is that there is provided the configuration information for needing to change by Config
S30:Impacted assets in coverage Data Detection management and control devices in assets information and vulnerability information.
S40:Restoration information in impacted assets and vulnerability information downloads redaction patch and generates reparation automatically Order.
S50:Leak reparation is carried out according to redaction patch and reparation order.
Specifically, carrying out leak reparation according to redaction patch and reparation order includes:
Ordered according to the redaction patch and reparation, generate and issue leak disposal work order;
Checking and overall flow follow-up check after work order state is repaired are disposed according to the leak.
In order to meet the demand of a variety of users, checking includes key reparation checking after reparation and self-defined reparation is tested Card.
It is a kind of flow chart of method for detecting impacted assets provided in an embodiment of the present invention, such as Fig. 3 institutes referring to Fig. 3 Show, step S30 also includes:
S301:Local vulnerability database and local assets information storehouse are persistently detected, when local vulnerability database and local assets information storehouse When interior any data changes, the data to change are read out and matched one by one.
It is new for local leak trousers comprising two kinds of possible one kind in the local vulnerability database of lasting detection and local assets information storehouse Increasing data are thought increases data newly for local assets information storehouse, when local vulnerability database increases leak newly, performs step as follows:
S302:Detect in local asset library with the presence or absence of the assets with newly-increased leak same type.
If in the presence of the assets with newly-increased leak same type, performing step S303:Judge same type asset version whether It is consistent with the version information that newly-increased leak is carried.
If the asset version of same type is consistent with the version information that newly-increased leak is carried, step S304 is performed:Judge new Increase whether leak has been repaired.
If newly-increased leak is not repaired, step S308 is performed:Send leak and do not repair instruction.
When local asset library new assets, step is performed as follows:
S305:Detect in local vulnerability database with the presence or absence of the leak with new assets same type;
If in the presence of the leak with new assets same type, performing step S306:Judge new assets version whether with The version information that the leak of same type is carried is consistent;
If the version of new assets is consistent with the version information that the leak of same type is carried, step S307 is performed:Judge Whether new assets has repaired.
If new assets is not repaired, step S308 is performed:Send leak and do not repair instruction.
Leak influence detection module persistently detects local vulnerability database and local assets information storehouse, when local vulnerability database and locally When any data changes in assets information storehouse, just the data one by one to change are read out and matched, by matching Information forms impacted assets information, and its form is as follows:
New open leak coverage identification provided in an embodiment of the present invention is adopted with remediation management system including assets information Collect module, new open leak acquisition module, leak influence detection module, leak and repair suggestion module and leak reparation checking stream Thread management module, assets information acquisition module gathers the assets information in management and control devices in real time, and new open leak acquisition module is real When obtain new open vulnerability information, leak influences detection module to detect impacted according to the assets information and vulnerability information of acquisition Assets, leak repairs suggestion module, and redaction patch is downloaded automatically according to the impacted assets information and vulnerability information that detect And reparation order is generated, leak reparation checking workflow management module influences the impacted assets that detection module is provided according to leak Information and leak repair the reparation order progress leak reparation and checking that suggestion module is provided.The embodiment of the present invention passes through real-time Assets information and vulnerability information are obtained, matched and processing work order is issued in time according to matching result, can greatly be contracted Short leak reduces the open-assembly time of information system from the real-time limit for being found to reparation.
It should be noted that herein, term " comprising ", "comprising" or its any other variant are intended to non-row His property is included, so that process, method, article or equipment including a series of key elements not only include those key elements, and And also including other key elements being not expressly set out, or also include for this process, method, article or equipment institute inherently Key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including institute Also there is other identical element in process, method, article or the equipment of stating key element.
Described above is only the embodiment of the present invention, is made skilled artisans appreciate that or realizing this hair It is bright.A variety of modifications to these embodiments will be apparent to one skilled in the art, as defined herein General Principle can be realized in other embodiments without departing from the spirit or scope of the present invention.Therefore, it is of the invention The embodiments shown herein is not intended to be limited to, and is to fit to and principles disclosed herein and features of novelty phase one The most wide scope caused.
Invention described above embodiment is not intended to limit the scope of the present invention..

Claims (10)

1. a kind of new open leak coverage identification and remediation management system, it is characterised in that including:
Assets information acquisition module, for gathering the assets information in management and control devices;
New open leak acquisition module, for obtaining newest disclosed vulnerability information;
Leak influences detection module, for detecting impacted assets according to the assets information and vulnerability information that collect;
Leak repairs suggestion module, is mended for downloading redaction automatically according to the impacted assets information and vulnerability information that detect Fourth simultaneously generates reparation order;
Workflow management module is verified in leak reparation, for influenceing the impacted assets information that detection module is provided according to the leak Redaction patch and reparation order progress leak reparation and the checking that suggestion module is provided are repaired with the leak;
The assets information acquisition module and new open leak acquisition module respectively connect the leak influence detection module Suggestion module is repaired with leak, the leak influence detection module and leak repair suggestion module and connect the leak reparation respectively Verify workflow management module.
2. new open leak coverage identification as claimed in claim 1 and remediation management system, it is characterised in that the leakage Checking workflow management module is repaired in hole also to be included:
Work order workflow management module, for influenceing the impacted assets information of detection module offer and leak reparation to build according to leak Reparation order generation and issue leak disposal work order that view module is provided;
Inspection module is repaired, is examined for disposing checking after work order state is repaired according to the leak with overall flow tracking Core.
3. new open leak coverage identification as claimed in claim 2 and remediation management system, it is characterised in that described to repair Multiple inspection module includes:
Automation, which is repaired, examines submodule, for carrying out key reparation checking for user;
Self-defined repair examines submodule, for carrying out self-defined reparation checking for user.
4. a kind of new open leak coverage identification and remediation management method, it is characterised in that including:
Obtain the assets information of management and control devices and preserve to local assets information storehouse, wherein, the assets information includes the pipe Control software and hardware title, version and module information that equipment is installed;
Newest open vulnerability information is obtained, the vulnerability information is parsed and formatted, and the leak after formatting is believed Breath is preserved to local vulnerability database;
Impacted money in management and control devices described in coverage Data Detection in the assets information and the vulnerability information Production;
Restoration information in the impacted assets and the vulnerability information downloads redaction patch and generates correspondence automatically The reparation order of the redaction patch;
Leak reparation is carried out according to the redaction patch and reparation order.
5. new open leak coverage identification as claimed in claim 4 and remediation management method, it is characterised in that described to obtain Taking the assets information of management and control devices includes:
Performed by client proxy, safety shell protocol SSH orders, configuration file is parsed and Simple Network Management Protocol SNMP Software and hardware title, version and module information that mode taken at regular intervals management and control devices are installed.
6. new open leak coverage identification as claimed in claim 4 and remediation management method, it is characterised in that described to obtain Newest open vulnerability information is taken to include:
Continue to obtain newest open vulnerability information from default vulnerability information issuing web site by web crawlers.
7. new open leak coverage identification as claimed in claim 4 and remediation management method, it is characterised in that described Include according to the impacted assets of coverage Data Detection in the assets information and the vulnerability information:
The local vulnerability database and local assets information storehouse are persistently detected, when in the local vulnerability database and local assets information storehouse When any data changes, the data to change are read out and matched one by one.
8. new open leak coverage identification as claimed in claim 7 and remediation management method, it is characterised in that described to work as When any data changes in the local vulnerability database and local assets information storehouse, the data of change are read out one by one and Matching, including:
When the local vulnerability database increases leak newly, detect in the local asset library with the presence or absence of similar with the newly-increased leak The assets of type;
If in the presence of the assets with the newly-increased leak same type, judging whether the asset version of the same type increases newly with described The version information that leak is carried is consistent;
If the asset version of the same type is consistent with the version information that the newly-increased leak is carried, the newly-increased leak is judged Whether repair;
If the newly-increased leak is not repaired, send leak and do not repair instruction;
Or,
When the local asset library new assets, detect in the local vulnerability database with the presence or absence of similar with the new assets The leak of type;
If in the presence of the leak with the new assets same type, judge the new assets version whether with the same type Leak carry version information it is consistent;
If the version information that the leak of the version of the new assets and the same type is carried is consistent, judge described newly to spend more money on Whether production has repaired;
If the new assets is not repaired, send leak and do not repair instruction.
9. new open leak coverage identification as claimed in claim 4 and remediation management method, it is characterised in that described Carrying out leak reparation according to the redaction patch and reparation order includes:
Ordered according to the redaction patch and reparation, generate and issue leak disposal work order;
Checking and overall flow follow-up check after work order state is repaired are disposed according to the leak.
10. new open leak coverage identification as claimed in claim 9 and remediation management method, it is characterised in that described Checking includes key reparation checking after reparation and self-defined repair is verified.
CN201710490812.2A 2017-06-26 2017-06-26 A kind of new open leak coverage identification and remediation management system and method Pending CN107277021A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710490812.2A CN107277021A (en) 2017-06-26 2017-06-26 A kind of new open leak coverage identification and remediation management system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710490812.2A CN107277021A (en) 2017-06-26 2017-06-26 A kind of new open leak coverage identification and remediation management system and method

Publications (1)

Publication Number Publication Date
CN107277021A true CN107277021A (en) 2017-10-20

Family

ID=60069347

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710490812.2A Pending CN107277021A (en) 2017-06-26 2017-06-26 A kind of new open leak coverage identification and remediation management system and method

Country Status (1)

Country Link
CN (1) CN107277021A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108182365A (en) * 2017-12-18 2018-06-19 北京天融信网络安全技术有限公司 Leak detection method, equipment and computer readable storage medium based on CPE
CN108200029A (en) * 2017-12-27 2018-06-22 北京知道创宇信息技术有限公司 Loophole situation detection method, device, server and readable storage medium storing program for executing
CN108989299A (en) * 2018-07-03 2018-12-11 杭州安恒信息技术股份有限公司 A kind of monitoring method and system of internet of things equipment loophole
CN110647344A (en) * 2019-09-27 2020-01-03 上海赛可出行科技服务有限公司 Vulnerability-containing software automatic updating method based on Internet
CN111104677A (en) * 2019-12-18 2020-05-05 哈尔滨安天科技集团股份有限公司 Vulnerability patch detection method and device based on CPE (customer premise Equipment) specification
CN111695120A (en) * 2020-06-12 2020-09-22 公安部第三研究所 Information system safety deep threat early warning system and method
CN111865927A (en) * 2020-06-24 2020-10-30 平安普惠企业管理有限公司 Vulnerability processing method and device based on system, computer equipment and storage medium
CN112528295A (en) * 2020-12-22 2021-03-19 国家工业信息安全发展研究中心 Vulnerability repairing method and device of industrial control system
CN114143110A (en) * 2021-12-08 2022-03-04 湖北天融信网络安全技术有限公司 Vulnerability processing method, device and system of mimicry equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070250595A1 (en) * 2006-04-25 2007-10-25 Citadel Security Software, Inc. System and method for protecting a computer network
US20070300303A1 (en) * 2006-06-21 2007-12-27 Greene Michael P Method and system for removing pestware from a computer
CN101119231A (en) * 2007-07-19 2008-02-06 南京联创网络科技有限公司 Method to centralized manage and automatic download mend of computer security leak base
CN101526984A (en) * 2009-03-16 2009-09-09 腾讯科技(北京)有限公司 Method for patching bugs and device thereof
CN104125197A (en) * 2013-04-24 2014-10-29 阿里巴巴集团控股有限公司 Security baseline system and method thereof for implementing security checks
CN106503564A (en) * 2016-10-26 2017-03-15 上海携程商务有限公司 The discovery method and system of software vulnerability
CN106529287A (en) * 2016-11-17 2017-03-22 江苏通付盾科技有限公司 Method and device for automatically reinforcing application vulnerabilities

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070250595A1 (en) * 2006-04-25 2007-10-25 Citadel Security Software, Inc. System and method for protecting a computer network
US20070300303A1 (en) * 2006-06-21 2007-12-27 Greene Michael P Method and system for removing pestware from a computer
CN101119231A (en) * 2007-07-19 2008-02-06 南京联创网络科技有限公司 Method to centralized manage and automatic download mend of computer security leak base
CN101526984A (en) * 2009-03-16 2009-09-09 腾讯科技(北京)有限公司 Method for patching bugs and device thereof
CN104125197A (en) * 2013-04-24 2014-10-29 阿里巴巴集团控股有限公司 Security baseline system and method thereof for implementing security checks
CN106503564A (en) * 2016-10-26 2017-03-15 上海携程商务有限公司 The discovery method and system of software vulnerability
CN106529287A (en) * 2016-11-17 2017-03-22 江苏通付盾科技有限公司 Method and device for automatically reinforcing application vulnerabilities

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108182365B (en) * 2017-12-18 2021-11-16 北京天融信网络安全技术有限公司 CPE-based vulnerability detection method, device and computer-readable storage medium
CN108182365A (en) * 2017-12-18 2018-06-19 北京天融信网络安全技术有限公司 Leak detection method, equipment and computer readable storage medium based on CPE
CN108200029A (en) * 2017-12-27 2018-06-22 北京知道创宇信息技术有限公司 Loophole situation detection method, device, server and readable storage medium storing program for executing
CN108989299A (en) * 2018-07-03 2018-12-11 杭州安恒信息技术股份有限公司 A kind of monitoring method and system of internet of things equipment loophole
CN110647344A (en) * 2019-09-27 2020-01-03 上海赛可出行科技服务有限公司 Vulnerability-containing software automatic updating method based on Internet
CN111104677A (en) * 2019-12-18 2020-05-05 哈尔滨安天科技集团股份有限公司 Vulnerability patch detection method and device based on CPE (customer premise Equipment) specification
CN111104677B (en) * 2019-12-18 2023-12-26 安天科技集团股份有限公司 Vulnerability patch detection method and device based on CPE specification
CN111695120A (en) * 2020-06-12 2020-09-22 公安部第三研究所 Information system safety deep threat early warning system and method
CN111865927A (en) * 2020-06-24 2020-10-30 平安普惠企业管理有限公司 Vulnerability processing method and device based on system, computer equipment and storage medium
CN111865927B (en) * 2020-06-24 2024-04-05 天翼安全科技有限公司 Vulnerability processing method and device based on system, computer equipment and storage medium
CN112528295A (en) * 2020-12-22 2021-03-19 国家工业信息安全发展研究中心 Vulnerability repairing method and device of industrial control system
CN114143110A (en) * 2021-12-08 2022-03-04 湖北天融信网络安全技术有限公司 Vulnerability processing method, device and system of mimicry equipment
CN114143110B (en) * 2021-12-08 2024-04-26 湖北天融信网络安全技术有限公司 Vulnerability processing method, device and system of mimicry equipment

Similar Documents

Publication Publication Date Title
CN107277021A (en) A kind of new open leak coverage identification and remediation management system and method
CN104767757B (en) Various dimensions safety monitoring method and system based on WEB service
CN109871696A (en) A kind of automatic collection and vulnerability scanning system and method, computer of vulnerability information
Fonseca et al. Vulnerability & attack injection for web applications
CN102468985A (en) Method and system for carrying out penetration test on network safety equipment
JP4733885B2 (en) Vulnerability assessment program, method and system
CN106330601A (en) Test case generating method and device
CN104598218B (en) For merging and reusing the method and system of gateway information
CN103023710A (en) Safety test system and method
CN110177114A (en) The recognition methods of network security threats index, unit and computer readable storage medium
WO2011148372A1 (en) Apparatus and methods for assessing and maintaining security of a computerized system under development
CN105610819B (en) The method and apparatus of the query service of server info are provided
CN105975863A (en) Method for evaluating and calculating information security risk of power distribution automation terminal equipment
CN105743901A (en) Server, anti-crawler system and anti-crawler verification method
CN106506545A (en) A kind of network security threats assessment system and method
CN108133148A (en) Data safety inspection method and system
CN103955429B (en) Determine the method and device of regression test scope
CN104915193A (en) Flow engine processing method and device
Daubner et al. Towards verifiable evidence generation in forensic-ready systems
CN113282971B (en) Processing method, device, equipment and storage medium of test log
Merkow et al. Secure and resilient software: Requirements, test cases, and testing methods
CN104618176B (en) website security detection method and device
CN107392027A (en) A kind of website vulnerability method of testing, test system, electronic equipment and storage medium
Jiang et al. Cyber-physical systems security based on a cross-linked and correlated vulnerability database
CN106411951A (en) Network attack behavior detection method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171020

RJ01 Rejection of invention patent application after publication