CN114884719A - Network equipment security vulnerability early warning system - Google Patents

Network equipment security vulnerability early warning system Download PDF

Info

Publication number
CN114884719A
CN114884719A CN202210474017.5A CN202210474017A CN114884719A CN 114884719 A CN114884719 A CN 114884719A CN 202210474017 A CN202210474017 A CN 202210474017A CN 114884719 A CN114884719 A CN 114884719A
Authority
CN
China
Prior art keywords
risk
network equipment
rectification
vulnerability
state
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210474017.5A
Other languages
Chinese (zh)
Inventor
彭明
谭近军
刘超颖
吴文超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Haoheng Information Technology Co ltd
Original Assignee
Guangzhou Haoheng Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Haoheng Information Technology Co ltd filed Critical Guangzhou Haoheng Information Technology Co ltd
Priority to CN202210474017.5A priority Critical patent/CN114884719A/en
Publication of CN114884719A publication Critical patent/CN114884719A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02ATECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE
    • Y02A10/00TECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE at coastal zones; at river basins
    • Y02A10/40Controlling or monitoring, e.g. of flood or hurricane; Forecasting, e.g. risk assessment or mapping

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application discloses a network equipment security vulnerability early warning system which comprises a risk discovery module, a wind control center and a display module, wherein the risk discovery module is used for discovering risks; the working method comprises the following steps: the method comprises the following steps: the risk discovery module carries out risk scanning on target network equipment; step two: submitting risks to the wind control center for risk treatment; step three: the wind control center arranges the received risks to generate a work order, distributes the work order to an rectifying person, the rectifying person obtains a pre-stored risk disposal strategy from a risk rectifying library preset in the wind control center to rectify the risks, and after the rectifying person finishes rectifying, sends the rectified result to an acceptance checker to accept the disposal result; step four: and after the acceptance of the acceptance person is finished, the display module receives the disposal result and displays the disposal result. The network equipment security vulnerability early warning system has high vulnerability disposal efficiency.

Description

Network equipment security vulnerability early warning system
Technical Field
The invention relates to the technical field of vulnerability management, in particular to a network equipment security vulnerability early warning system.
Background
The hidden trouble of the vulnerability is a main factor of information security risk, and because of the hidden trouble of the vulnerability, viruses are flooded, attack invasion, Trojan backdoor and information leakage exist. Due to technical defects, misconfigurations and attack upgrades, new vulnerabilities occur every day. However, the vulnerability can be quickly managed, information security vulnerability management is well done, and quick perception, discovery and repair of the vulnerability are important guarantees for enterprises to make information security.
Currently, most enterprises adopt a vulnerability scanning system to detect vulnerabilities regularly, and manually and regularly perform security inspection to discover security vulnerabilities and then perform repair and reinforcement work. However, this vulnerability detection method has the following problems: (1) the method depends on manual operation, and lacks of automatic and standardized means; (2) the vulnerability feature library is slow to update, and the discovery and the disposal of the vulnerability have hysteresis; (3) the information of the network assets is not completely mastered, and the bugs are difficult to find and repair accurately in time; (4) the overall treatment lacks of cooperativity. In conclusion, vulnerability management in the prior art has potential safety hazards.
Disclosure of Invention
An object of the present application is to provide a network device security vulnerability early warning system to solve the problem of potential safety hazard in vulnerability management in the prior art provided in the background art.
In order to achieve the above purpose, the present application provides the following technical solutions: a network equipment security vulnerability early warning system comprises a risk discovery module for discovering risks, a wind control center for risk disposal of the risks and a display module for displaying risk disposal results; the working method of the network equipment security vulnerability early warning system comprises the following steps:
the method comprises the following steps: the risk discovery module carries out risk scanning on the target network equipment through a plurality of vulnerability scanning engines;
step two: according to the risks discovered by scanning, automatically or manually submitting the risks to the wind control center for risk treatment;
step three: the wind control center arranges the received risks to generate a work order, distributes the work order to an rectifying person, the rectifying person obtains a pre-stored risk disposal strategy from a risk rectifying library preset in the wind control center to rectify the risks, and after the rectifying person finishes rectifying, sends the rectified result to an acceptance checker to accept the disposal result;
step four: and after the acceptance of the acceptance person is finished, the display module receives the treatment result and displays the treatment result.
In one embodiment, the vulnerability scanning engine comprises a POC scanning engine, a vulnerability scanning engine, a weak password scanning engine.
In one embodiment, the risk includes a vulnerability, a threat, a weak password.
In one embodiment, the first step specifically includes:
the risk discovery module carries out risk scanning on target network equipment through the vulnerability scanning engine, the vulnerability scanning engine carries out technical version matching with vulnerability influence range information in a vulnerability library of the risk discovery module after acquiring relevant information of a TCP/IP port and corresponding network access service of the target network equipment based on the identification of the target network equipment, and when successful matching is carried out, possible vulnerabilities of the target network equipment are stored in a risk correction library of the risk discovery module for further processing;
the risk discovery module carries out risk scanning on target network equipment through the POC scanning engine, the POC scanning engine acquires prestored vulnerability attack codes and carries out traversal vulnerability attack test on related data of the target network equipment, and when the attack is successful, vulnerabilities existing in the target network equipment are stored in a risk rectification library of the risk discovery module to wait for the next processing;
the risk discovery module carries out risk scanning on the target network equipment through the weak password scanning engine, the weak password scanning engine selects a corresponding weak password dictionary from a preset weak password library according to application program information corresponding to an open port of the target network equipment, traversal matching is carried out on the application program information of the target network equipment, and when a weak password exposed by the application program of the target network equipment is matched, the weak password existing in the target network equipment is stored in a risk rectification library of the risk discovery module to wait for further processing.
In one embodiment, the third step further includes:
and the wind control center arranges the received risks to generate an rectification task list with rectification task state information, and displays the rectification task list through the display module.
In one embodiment, the rectification task state information includes a to-be-assigned state, a to-be-received state, a rectification in-process state, a to-be-checked state, and a check-up completion state, where the to-be-assigned state is defined as a task state corresponding to a risk that a rectification person is not assigned to perform rectification, the to-be-received state is defined as a task state corresponding to a risk that a work order has been generated and issued to the rectification person to perform rectification, the rectification in-process state is located as a task state corresponding to a risk that the rectification person has received the work order, the to-be-checked state is defined as a task state corresponding to a risk that the rectification person has completed rectification, and the check-up completion state is defined as a task state corresponding to a risk that a check-up result is successfully checked by a check-up person.
In one embodiment, the third step specifically includes:
s1: the wind control center generates a work order according to the received risk, and the task state corresponding to the risk displayed by the display module is a state to be assigned;
s2: the wind control center assigns a modifier for the work order and issues the work order to the assigned modifier, and the task state corresponding to the risk displayed by the display module is a state to be received;
s3: the trustee receives the task, and the task state corresponding to the risk displayed by the display module is a trusteeship state;
s4: the truer finishes the truing and submitting, and the task state corresponding to the risk displayed by the display module is a to-be-checked state;
s5: the wind control center completes system acceptance check after traversing and matching the rectified target network equipment according to the pre-stored risk, and the task state corresponding to the risk displayed by the display module is a to-be-accepted state;
s6: after the system is checked and accepted, the checking and accepting person receives the result of the rectification and modification person and performs manual checking and acceptance, and the task state corresponding to the risk displayed by the display module is a to-be-checked and accepted state;
s7: when the manual acceptance fails, returning to S3;
s8: and when the manual acceptance passes, the acceptance of the acceptance person is successful, the work order is finished, and the task state corresponding to the risk displayed by the display module is the acceptance completion state.
The network equipment security vulnerability early warning system can configure scanning tasks which are immediately, delayed, periodic and circularly executed, simultaneously supports multiple scanning engines to carry out risk scanning, realizes comprehensive risk scanning on network equipment on the basis of abundant engine bottom data, ensures to discover each existing vulnerability, does not omit any risk, simultaneously can submit the scanned risk to a pneumatic control center in real time for rectification, and displays the risk rectification result in real time through a display module. On the other hand, the network equipment security vulnerability early warning system has complete emergency response and disposal working procedures, closed-loop treatment of risks is formed, and risk disposal efficiency of security vulnerabilities is improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a schematic structural diagram of a network device security vulnerability early warning system in an embodiment of the present application;
fig. 2 is an architecture diagram of a network device security vulnerability early warning system in an embodiment of the present application;
fig. 3 is a schematic flow chart of step three in the embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the components, modules and mechanisms that are not described in detail in this application are all general standard components or components known to those skilled in the art, and the structure and principle of the components can be known to those skilled in the art through technical manuals or through routine experiments. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Example (b): fig. 1 shows a network device security vulnerability early warning system, which includes a risk discovery module for discovering risks, a wind control center for risk disposal of risks, and a display module for displaying risk disposal results. In an implementation manner, as shown in fig. 2, in the system architecture of this embodiment, the system includes system management, information asset management, leak library management, vulnerability management task management, system threat management, statistical form, and internal threat information analysis. The system management comprises risk discovery and risk rectification, and the risk existing in the target network device can be discovered and disposed through the system management. The information asset management comprises asset management and asset discovery management, the vulnerability management comprises vulnerability management, vulnerability publishing, vulnerability updating management and a vulnerability universal interface, a required risk rectification strategy can be provided for a risk rectification process through the information asset management, the part is similar to a deep learning principle and is not repeated one by one, meanwhile, vulnerability threat information sharing can be realized through the information asset management, the function of cooperative disposition is realized, and a basis is provided for efficient and comprehensive vulnerability disposition. The vulnerability management task management comprises task flow definition and vulnerability treatment tasks, and generation of a work order and an adjustment task list of the wind control center is supported through the task flow definition and the vulnerability treatment tasks. The system threat management comprises vulnerability threat intelligence and vulnerability discovery, comprehensive discovery and management of possible network attack threats and the like of target network equipment can be realized through the vulnerability threat intelligence and vulnerability discovery, and rich strategy data is provided for subsequent risk treatment. The statistical report comprises data statistics, graphical presentation and report generation, and the display module is communicated with the statistical report, so that the data of risk disposal and vulnerability management can be displayed on the display module in real time. The internal threat information analysis comprises vulnerability security situation presentation and vulnerability influence analysis, and various emerging risks are analyzed by the system through vulnerability security situation presentation and vulnerability influence analysis, so that remedial measures and emergency schemes are preset, and comprehensive and efficient risk discovery, management and disposal of a host system and network equipment are realized.
Based on the above, this embodiment discloses a working method of a network device security vulnerability early warning system, which includes the following steps:
the method comprises the following steps: the risk discovery module carries out risk scanning on the target network equipment through a plurality of vulnerability scanning engines;
step two: according to the risks discovered by scanning, automatically or manually submitting the risks to the wind control center for risk treatment;
step three: the wind control center arranges the received risks to generate a work order, distributes the work order to an rectifying person, the rectifying person obtains a pre-stored risk disposal strategy from a risk rectifying library preset in the wind control center to rectify the risks, and after the rectifying person finishes rectifying, sends the rectified result to an acceptance checker to accept the disposal result;
step four: and after the acceptance of the acceptance person is finished, the display module receives the disposal result and displays the disposal result.
In this embodiment, the vulnerability scanning engine includes a POC scanning engine, a vulnerability scanning engine, and a weak password scanning engine. Correspondingly, the risks comprise vulnerabilities, threats and weak passwords.
Based on the setting of the vulnerability scanning engine, the first step specifically comprises the following steps:
the risk discovery module carries out risk scanning on target network equipment through the vulnerability scanning engine, the vulnerability scanning engine carries out technical version matching with vulnerability influence range information in a vulnerability library of the risk discovery module after acquiring relevant information of a TCP/IP port and corresponding network access service of the target network equipment based on the identification of the target network equipment, and when successful matching is carried out, possible vulnerabilities of the target network equipment are stored in a risk correction library of the risk discovery module for further processing;
the risk discovery module carries out risk scanning on target network equipment through the POC scanning engine, the POC scanning engine acquires prestored vulnerability attack codes and carries out traversal vulnerability attack test on related data of the target network equipment, and when the attack is successful, vulnerabilities existing in the target network equipment are stored in a risk rectification library of the risk discovery module to wait for the next processing;
the risk discovery module carries out risk scanning on the target network equipment through the weak password scanning engine, the weak password scanning engine selects a corresponding weak password dictionary from a preset weak password library according to application program information corresponding to an open port of the target network equipment, traversal matching is carried out on the application program information of the target network equipment, and when a weak password exposed by the application program of the target network equipment is matched, the weak password existing in the target network equipment is stored in a risk rectification library of the risk discovery module to wait for further processing.
As a preferable implementation manner of this embodiment, the third step further includes:
and the wind control center arranges the received risks to generate an rectification task list with rectification task state information, and displays the rectification task list through the display module. The rectification task state information comprises a to-be-assigned state, a to-be-received state, a rectification in-process state, a to-be-checked state and a check-up completion state, wherein the to-be-assigned state is defined as a task state corresponding to a risk that a rectification person is not assigned to carry out rectification, the to-be-received state is defined as a task state corresponding to a risk that a work order is generated and issued to the rectification person to carry out rectification, the rectification in-process state is positioned as a task state corresponding to a risk that the rectification person receives the work order, the to-be-checked state is defined as a task state corresponding to a risk that the rectification person completes rectification, and the check-up completion state is defined as a task state corresponding to a risk that a check-up person successfully checks up the rectification result.
Based on the generation of the rectification task list, as shown in fig. 3, the third step specifically includes:
s1: the wind control center generates a work order according to the received risk, and the task state corresponding to the risk displayed by the display module is a state to be assigned;
s2: the wind control center assigns a reforming person for the work order and issues the work order to the assigned reforming person, and the task state corresponding to the risk displayed by the display module is a state to be received;
s3: the trustee receives the task, and the task state corresponding to the risk displayed by the display module is a trusteeship state;
s4: the truer finishes the truing and submitting, and the task state corresponding to the risk displayed by the display module is a to-be-checked state;
s5: the wind control center completes system acceptance check after traversing and matching the rectified target network equipment according to the pre-stored risks, verifies whether the loophole can be found or not through loophole scanning, if the loophole is not found, the risk is successfully treated, otherwise, the risk fails, and in the system acceptance check process, the task state corresponding to the risk displayed by the display module is a to-be-accepted state;
s6: after the system is checked and accepted, the checking and accepting person receives the result of the rectification and modification person and performs manual checking and acceptance, and the task state corresponding to the risk displayed by the display module is a to-be-checked and accepted state;
s7: when the manual acceptance fails, returning to S3;
s8: and when the manual acceptance passes, the acceptance of the acceptance person is successful, the work order is finished, and the task state corresponding to the risk displayed by the display module is the acceptance completion state.
To sum up, the network equipment security vulnerability early warning system of the application realizes self-defined scanning tasks of immediate, delay, period and cyclic execution through configuration, supports the risk scanning of the independent engine and the third-party engine such as POC, weak password, vulnerability analysis and the like, and realizes comprehensive vulnerability scanning of the target network equipment on the basis of abundant engine bottom data, thereby ensuring that each existing vulnerability is found, any risk is not omitted, and the scanned risk can be timely submitted to a wind control center in a manual or automatic mode for risk rectification. Meanwhile, the network equipment security vulnerability early warning system has complete emergency response and disposal working procedures, closed-loop treatment of risks is formed, and risk disposal efficiency of security vulnerabilities is improved. And vulnerability threat intelligence can be shared, cooperative disposal is realized, and support is provided for efficient disposal of risks.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments or portions thereof without departing from the spirit and scope of the invention.

Claims (7)

1. A network equipment security vulnerability early warning system is characterized by comprising a risk discovery module for discovering risks, a wind control center for risk disposal of the risks and a display module for displaying risk disposal results; the working method of the network equipment security vulnerability early warning system comprises the following steps:
the method comprises the following steps: the risk discovery module carries out risk scanning on the target network equipment through a plurality of vulnerability scanning engines;
step two: according to the risks discovered by scanning, automatically or manually submitting the risks to the wind control center for risk treatment;
step three: the wind control center arranges the received risks to generate a work order, distributes the work order to an rectifying person, the rectifying person obtains a pre-stored risk disposal strategy from a risk rectifying library preset in the wind control center to rectify the risks, and after the rectifying person finishes rectifying, sends the rectified result to an acceptance checker to accept the disposal result;
step four: and after the acceptance of the acceptance person is finished, the display module receives the disposal result and displays the disposal result.
2. The network device security vulnerability pre-warning system of claim 1, wherein the vulnerability scanning engine comprises a POC scanning engine, a vulnerability scanning engine, a weak password scanning engine.
3. The network device security vulnerability pre-warning system of claim 2, wherein the risk comprises a vulnerability, a threat, a weak password.
4. The network device security vulnerability early warning system according to claim 3, wherein the first step specifically comprises:
the risk discovery module carries out risk scanning on target network equipment through the vulnerability scanning engine, the vulnerability scanning engine carries out technical version matching with vulnerability influence range information in a vulnerability library of the risk discovery module after acquiring relevant information of a TCP/IP port and corresponding network access service of the target network equipment based on the identification of the target network equipment, and when successful matching is carried out, possible vulnerabilities of the target network equipment are stored in a risk correction library of the risk discovery module for further processing;
the risk discovery module carries out risk scanning on target network equipment through the POC scanning engine, the POC scanning engine acquires prestored vulnerability attack codes and carries out traversal vulnerability attack test on related data of the target network equipment, and when the attack is successful, vulnerabilities existing in the target network equipment are stored in a risk rectification library of the risk discovery module to wait for the next processing;
the risk discovery module carries out risk scanning on the target network equipment through the weak password scanning engine, the weak password scanning engine selects a corresponding weak password dictionary from a preset weak password library according to application program information corresponding to an open port of the target network equipment, traversal matching is carried out on the application program information of the target network equipment, and when a weak password exposed by the application program of the target network equipment is matched, the weak password existing in the target network equipment is stored in a risk rectification library of the risk discovery module to wait for further processing.
5. The network device security vulnerability early warning system of claim 1, wherein the third step further comprises:
and the wind control center arranges the received risks to generate an rectification task list with rectification task state information, and displays the rectification task list through the display module.
6. The network device security vulnerability early warning system according to claim 5, wherein the rectification task state information comprises a to-be-assigned state, a to-be-received state, a rectification in-process state, a to-be-verified state and a verification completed state, the to-be-assigned state is defined as a task state corresponding to a risk that a rectification person is not assigned to carry out rectification, the to-be-received state is defined as a task state corresponding to a risk that a work order has been generated and issued to the rectification person to carry out rectification, the rectification in-process state is positioned as a task state corresponding to a risk that the rectification person has received the work order, the to-be-verified state is defined as a task state corresponding to a risk that the rectification person has completed rectification, and the verification completed state is defined as a task state corresponding to a risk that a verification result is successfully verified by a verifier.
7. The network device security vulnerability early warning system according to claim 6, wherein the third step specifically comprises:
s1: the wind control center generates a work order according to the received risk, and the task state corresponding to the risk displayed by the display module is a state to be assigned;
s2: the wind control center assigns a modifier for the work order and issues the work order to the assigned modifier, and the task state corresponding to the risk displayed by the display module is a state to be received;
s3: the trustee receives the task, and the task state corresponding to the risk displayed by the display module is a trusteeship state;
s4: the truer finishes the truing and submitting, and the task state corresponding to the risk displayed by the display module is a to-be-checked state;
s5: the wind control center completes system acceptance check after traversing and matching the rectified target network equipment according to the pre-stored risk, and the task state corresponding to the risk displayed by the display module is a to-be-accepted state;
s6: after the system is checked and accepted, the checking and accepting person receives the result of the rectification and modification person and performs manual checking and acceptance, and the task state corresponding to the risk displayed by the display module is a to-be-checked and accepted state;
s7: when the manual acceptance fails, returning to S3;
s8: and when the manual acceptance passes, the acceptance of the acceptance person is successful, the work order is finished, and the task state corresponding to the risk displayed by the display module is an acceptance completion state.
CN202210474017.5A 2022-04-29 2022-04-29 Network equipment security vulnerability early warning system Pending CN114884719A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210474017.5A CN114884719A (en) 2022-04-29 2022-04-29 Network equipment security vulnerability early warning system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210474017.5A CN114884719A (en) 2022-04-29 2022-04-29 Network equipment security vulnerability early warning system

Publications (1)

Publication Number Publication Date
CN114884719A true CN114884719A (en) 2022-08-09

Family

ID=82673148

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210474017.5A Pending CN114884719A (en) 2022-04-29 2022-04-29 Network equipment security vulnerability early warning system

Country Status (1)

Country Link
CN (1) CN114884719A (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8201257B1 (en) * 2004-03-31 2012-06-12 Mcafee, Inc. System and method of managing network security risks
CN104778414A (en) * 2015-05-06 2015-07-15 广州万方计算机科技有限公司 Vulnerability management system and method
CN105471919A (en) * 2016-01-15 2016-04-06 成都智扬易方软件有限公司 Network security vulnerability scanning and managing system
CN108737425A (en) * 2018-05-24 2018-11-02 北京凌云信安科技有限公司 Fragility based on multi engine vulnerability scanning association analysis manages system
CN109583711A (en) * 2018-11-13 2019-04-05 合肥优尔电子科技有限公司 A kind of security risk assessment whole process management system
CN110069930A (en) * 2019-04-29 2019-07-30 广东电网有限责任公司 A kind of loophole restorative procedure, device and computer readable storage medium
CN111199042A (en) * 2019-12-17 2020-05-26 中国南方电网有限责任公司超高压输电公司 Safe and efficient vulnerability management system
CN112511512A (en) * 2020-11-19 2021-03-16 北京凌云信安科技有限公司 Vulnerability scanning engine and risk management system of threat detection engine
CN113704767A (en) * 2021-08-10 2021-11-26 北京凌云信安科技有限公司 Vulnerability scanning engine and vulnerability worksheet management fused vulnerability management system
CN113901477A (en) * 2021-10-13 2022-01-07 湖北天融信网络安全技术有限公司 Vulnerability repair method and device based on Jira work order system, computer equipment and storage medium

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8201257B1 (en) * 2004-03-31 2012-06-12 Mcafee, Inc. System and method of managing network security risks
CN104778414A (en) * 2015-05-06 2015-07-15 广州万方计算机科技有限公司 Vulnerability management system and method
CN105471919A (en) * 2016-01-15 2016-04-06 成都智扬易方软件有限公司 Network security vulnerability scanning and managing system
CN108737425A (en) * 2018-05-24 2018-11-02 北京凌云信安科技有限公司 Fragility based on multi engine vulnerability scanning association analysis manages system
CN109583711A (en) * 2018-11-13 2019-04-05 合肥优尔电子科技有限公司 A kind of security risk assessment whole process management system
CN110069930A (en) * 2019-04-29 2019-07-30 广东电网有限责任公司 A kind of loophole restorative procedure, device and computer readable storage medium
CN111199042A (en) * 2019-12-17 2020-05-26 中国南方电网有限责任公司超高压输电公司 Safe and efficient vulnerability management system
CN112511512A (en) * 2020-11-19 2021-03-16 北京凌云信安科技有限公司 Vulnerability scanning engine and risk management system of threat detection engine
CN113704767A (en) * 2021-08-10 2021-11-26 北京凌云信安科技有限公司 Vulnerability scanning engine and vulnerability worksheet management fused vulnerability management system
CN113901477A (en) * 2021-10-13 2022-01-07 湖北天融信网络安全技术有限公司 Vulnerability repair method and device based on Jira work order system, computer equipment and storage medium

Similar Documents

Publication Publication Date Title
US10878106B2 (en) Firmware verification
CN104077531B (en) System vulnerability appraisal procedure, device and system based on open vulnerability assessment language
US8291405B2 (en) Automatic dependency resolution by identifying similar machine profiles
CN111611591B (en) Firmware bug detection method and device, storage medium and electronic equipment
CN110929264B (en) Vulnerability detection method and device, electronic equipment and readable storage medium
CN105955884B (en) App page white screen inspection method and device
CN107563205A (en) Typical smart machine leak detection method and permeability apparatus
CN112685743A (en) Automatic reinforcing method and system for host security baseline
CN106372496A (en) Method and system for improving payment terminal application security
CN110717184A (en) Distributed safety test system
Marksteiner et al. A process to facilitate automated automotive cybersecurity testing
CN114884719A (en) Network equipment security vulnerability early warning system
US20240020960A1 (en) Neural Network Host Platform for Detecting Anomalies in Cybersecurity Modules
CN110717315B (en) System data batch modification method and device, storage medium and electronic equipment
CN111767218A (en) Automatic testing method, equipment and storage medium for continuous integration
KR102589662B1 (en) compliance management system through automatic diagnosis of infrastructure asset threat and method therefor
CN115361203A (en) Vulnerability analysis method based on distributed scanning engine
CN106156627B (en) The treating method and apparatus of automatic information system loophole risk
CN114491555A (en) Equipment safety detection method and device, computer equipment and storage medium
CN114329486A (en) Asset vulnerability management method and device, electronic equipment and storage medium
CN114095218A (en) Asset vulnerability management method and device
CN112328996A (en) Operation authentication method, device, equipment and storage medium based on DCS system
CN112579453A (en) Task testing method, device, equipment and storage medium
CN112783532A (en) Program testing system and device for financial terminal equipment
CN113419944B (en) Initialization method and device for fuzz test and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination