CN114884719A - Network equipment security vulnerability early warning system - Google Patents
Network equipment security vulnerability early warning system Download PDFInfo
- Publication number
- CN114884719A CN114884719A CN202210474017.5A CN202210474017A CN114884719A CN 114884719 A CN114884719 A CN 114884719A CN 202210474017 A CN202210474017 A CN 202210474017A CN 114884719 A CN114884719 A CN 114884719A
- Authority
- CN
- China
- Prior art keywords
- risk
- network equipment
- rectification
- vulnerability
- state
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02A—TECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE
- Y02A10/00—TECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE at coastal zones; at river basins
- Y02A10/40—Controlling or monitoring, e.g. of flood or hurricane; Forecasting, e.g. risk assessment or mapping
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a network equipment security vulnerability early warning system which comprises a risk discovery module, a wind control center and a display module, wherein the risk discovery module is used for discovering risks; the working method comprises the following steps: the method comprises the following steps: the risk discovery module carries out risk scanning on target network equipment; step two: submitting risks to the wind control center for risk treatment; step three: the wind control center arranges the received risks to generate a work order, distributes the work order to an rectifying person, the rectifying person obtains a pre-stored risk disposal strategy from a risk rectifying library preset in the wind control center to rectify the risks, and after the rectifying person finishes rectifying, sends the rectified result to an acceptance checker to accept the disposal result; step four: and after the acceptance of the acceptance person is finished, the display module receives the disposal result and displays the disposal result. The network equipment security vulnerability early warning system has high vulnerability disposal efficiency.
Description
Technical Field
The invention relates to the technical field of vulnerability management, in particular to a network equipment security vulnerability early warning system.
Background
The hidden trouble of the vulnerability is a main factor of information security risk, and because of the hidden trouble of the vulnerability, viruses are flooded, attack invasion, Trojan backdoor and information leakage exist. Due to technical defects, misconfigurations and attack upgrades, new vulnerabilities occur every day. However, the vulnerability can be quickly managed, information security vulnerability management is well done, and quick perception, discovery and repair of the vulnerability are important guarantees for enterprises to make information security.
Currently, most enterprises adopt a vulnerability scanning system to detect vulnerabilities regularly, and manually and regularly perform security inspection to discover security vulnerabilities and then perform repair and reinforcement work. However, this vulnerability detection method has the following problems: (1) the method depends on manual operation, and lacks of automatic and standardized means; (2) the vulnerability feature library is slow to update, and the discovery and the disposal of the vulnerability have hysteresis; (3) the information of the network assets is not completely mastered, and the bugs are difficult to find and repair accurately in time; (4) the overall treatment lacks of cooperativity. In conclusion, vulnerability management in the prior art has potential safety hazards.
Disclosure of Invention
An object of the present application is to provide a network device security vulnerability early warning system to solve the problem of potential safety hazard in vulnerability management in the prior art provided in the background art.
In order to achieve the above purpose, the present application provides the following technical solutions: a network equipment security vulnerability early warning system comprises a risk discovery module for discovering risks, a wind control center for risk disposal of the risks and a display module for displaying risk disposal results; the working method of the network equipment security vulnerability early warning system comprises the following steps:
the method comprises the following steps: the risk discovery module carries out risk scanning on the target network equipment through a plurality of vulnerability scanning engines;
step two: according to the risks discovered by scanning, automatically or manually submitting the risks to the wind control center for risk treatment;
step three: the wind control center arranges the received risks to generate a work order, distributes the work order to an rectifying person, the rectifying person obtains a pre-stored risk disposal strategy from a risk rectifying library preset in the wind control center to rectify the risks, and after the rectifying person finishes rectifying, sends the rectified result to an acceptance checker to accept the disposal result;
step four: and after the acceptance of the acceptance person is finished, the display module receives the treatment result and displays the treatment result.
In one embodiment, the vulnerability scanning engine comprises a POC scanning engine, a vulnerability scanning engine, a weak password scanning engine.
In one embodiment, the risk includes a vulnerability, a threat, a weak password.
In one embodiment, the first step specifically includes:
the risk discovery module carries out risk scanning on target network equipment through the vulnerability scanning engine, the vulnerability scanning engine carries out technical version matching with vulnerability influence range information in a vulnerability library of the risk discovery module after acquiring relevant information of a TCP/IP port and corresponding network access service of the target network equipment based on the identification of the target network equipment, and when successful matching is carried out, possible vulnerabilities of the target network equipment are stored in a risk correction library of the risk discovery module for further processing;
the risk discovery module carries out risk scanning on target network equipment through the POC scanning engine, the POC scanning engine acquires prestored vulnerability attack codes and carries out traversal vulnerability attack test on related data of the target network equipment, and when the attack is successful, vulnerabilities existing in the target network equipment are stored in a risk rectification library of the risk discovery module to wait for the next processing;
the risk discovery module carries out risk scanning on the target network equipment through the weak password scanning engine, the weak password scanning engine selects a corresponding weak password dictionary from a preset weak password library according to application program information corresponding to an open port of the target network equipment, traversal matching is carried out on the application program information of the target network equipment, and when a weak password exposed by the application program of the target network equipment is matched, the weak password existing in the target network equipment is stored in a risk rectification library of the risk discovery module to wait for further processing.
In one embodiment, the third step further includes:
and the wind control center arranges the received risks to generate an rectification task list with rectification task state information, and displays the rectification task list through the display module.
In one embodiment, the rectification task state information includes a to-be-assigned state, a to-be-received state, a rectification in-process state, a to-be-checked state, and a check-up completion state, where the to-be-assigned state is defined as a task state corresponding to a risk that a rectification person is not assigned to perform rectification, the to-be-received state is defined as a task state corresponding to a risk that a work order has been generated and issued to the rectification person to perform rectification, the rectification in-process state is located as a task state corresponding to a risk that the rectification person has received the work order, the to-be-checked state is defined as a task state corresponding to a risk that the rectification person has completed rectification, and the check-up completion state is defined as a task state corresponding to a risk that a check-up result is successfully checked by a check-up person.
In one embodiment, the third step specifically includes:
s1: the wind control center generates a work order according to the received risk, and the task state corresponding to the risk displayed by the display module is a state to be assigned;
s2: the wind control center assigns a modifier for the work order and issues the work order to the assigned modifier, and the task state corresponding to the risk displayed by the display module is a state to be received;
s3: the trustee receives the task, and the task state corresponding to the risk displayed by the display module is a trusteeship state;
s4: the truer finishes the truing and submitting, and the task state corresponding to the risk displayed by the display module is a to-be-checked state;
s5: the wind control center completes system acceptance check after traversing and matching the rectified target network equipment according to the pre-stored risk, and the task state corresponding to the risk displayed by the display module is a to-be-accepted state;
s6: after the system is checked and accepted, the checking and accepting person receives the result of the rectification and modification person and performs manual checking and acceptance, and the task state corresponding to the risk displayed by the display module is a to-be-checked and accepted state;
s7: when the manual acceptance fails, returning to S3;
s8: and when the manual acceptance passes, the acceptance of the acceptance person is successful, the work order is finished, and the task state corresponding to the risk displayed by the display module is the acceptance completion state.
The network equipment security vulnerability early warning system can configure scanning tasks which are immediately, delayed, periodic and circularly executed, simultaneously supports multiple scanning engines to carry out risk scanning, realizes comprehensive risk scanning on network equipment on the basis of abundant engine bottom data, ensures to discover each existing vulnerability, does not omit any risk, simultaneously can submit the scanned risk to a pneumatic control center in real time for rectification, and displays the risk rectification result in real time through a display module. On the other hand, the network equipment security vulnerability early warning system has complete emergency response and disposal working procedures, closed-loop treatment of risks is formed, and risk disposal efficiency of security vulnerabilities is improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a schematic structural diagram of a network device security vulnerability early warning system in an embodiment of the present application;
fig. 2 is an architecture diagram of a network device security vulnerability early warning system in an embodiment of the present application;
fig. 3 is a schematic flow chart of step three in the embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the components, modules and mechanisms that are not described in detail in this application are all general standard components or components known to those skilled in the art, and the structure and principle of the components can be known to those skilled in the art through technical manuals or through routine experiments. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Example (b): fig. 1 shows a network device security vulnerability early warning system, which includes a risk discovery module for discovering risks, a wind control center for risk disposal of risks, and a display module for displaying risk disposal results. In an implementation manner, as shown in fig. 2, in the system architecture of this embodiment, the system includes system management, information asset management, leak library management, vulnerability management task management, system threat management, statistical form, and internal threat information analysis. The system management comprises risk discovery and risk rectification, and the risk existing in the target network device can be discovered and disposed through the system management. The information asset management comprises asset management and asset discovery management, the vulnerability management comprises vulnerability management, vulnerability publishing, vulnerability updating management and a vulnerability universal interface, a required risk rectification strategy can be provided for a risk rectification process through the information asset management, the part is similar to a deep learning principle and is not repeated one by one, meanwhile, vulnerability threat information sharing can be realized through the information asset management, the function of cooperative disposition is realized, and a basis is provided for efficient and comprehensive vulnerability disposition. The vulnerability management task management comprises task flow definition and vulnerability treatment tasks, and generation of a work order and an adjustment task list of the wind control center is supported through the task flow definition and the vulnerability treatment tasks. The system threat management comprises vulnerability threat intelligence and vulnerability discovery, comprehensive discovery and management of possible network attack threats and the like of target network equipment can be realized through the vulnerability threat intelligence and vulnerability discovery, and rich strategy data is provided for subsequent risk treatment. The statistical report comprises data statistics, graphical presentation and report generation, and the display module is communicated with the statistical report, so that the data of risk disposal and vulnerability management can be displayed on the display module in real time. The internal threat information analysis comprises vulnerability security situation presentation and vulnerability influence analysis, and various emerging risks are analyzed by the system through vulnerability security situation presentation and vulnerability influence analysis, so that remedial measures and emergency schemes are preset, and comprehensive and efficient risk discovery, management and disposal of a host system and network equipment are realized.
Based on the above, this embodiment discloses a working method of a network device security vulnerability early warning system, which includes the following steps:
the method comprises the following steps: the risk discovery module carries out risk scanning on the target network equipment through a plurality of vulnerability scanning engines;
step two: according to the risks discovered by scanning, automatically or manually submitting the risks to the wind control center for risk treatment;
step three: the wind control center arranges the received risks to generate a work order, distributes the work order to an rectifying person, the rectifying person obtains a pre-stored risk disposal strategy from a risk rectifying library preset in the wind control center to rectify the risks, and after the rectifying person finishes rectifying, sends the rectified result to an acceptance checker to accept the disposal result;
step four: and after the acceptance of the acceptance person is finished, the display module receives the disposal result and displays the disposal result.
In this embodiment, the vulnerability scanning engine includes a POC scanning engine, a vulnerability scanning engine, and a weak password scanning engine. Correspondingly, the risks comprise vulnerabilities, threats and weak passwords.
Based on the setting of the vulnerability scanning engine, the first step specifically comprises the following steps:
the risk discovery module carries out risk scanning on target network equipment through the vulnerability scanning engine, the vulnerability scanning engine carries out technical version matching with vulnerability influence range information in a vulnerability library of the risk discovery module after acquiring relevant information of a TCP/IP port and corresponding network access service of the target network equipment based on the identification of the target network equipment, and when successful matching is carried out, possible vulnerabilities of the target network equipment are stored in a risk correction library of the risk discovery module for further processing;
the risk discovery module carries out risk scanning on target network equipment through the POC scanning engine, the POC scanning engine acquires prestored vulnerability attack codes and carries out traversal vulnerability attack test on related data of the target network equipment, and when the attack is successful, vulnerabilities existing in the target network equipment are stored in a risk rectification library of the risk discovery module to wait for the next processing;
the risk discovery module carries out risk scanning on the target network equipment through the weak password scanning engine, the weak password scanning engine selects a corresponding weak password dictionary from a preset weak password library according to application program information corresponding to an open port of the target network equipment, traversal matching is carried out on the application program information of the target network equipment, and when a weak password exposed by the application program of the target network equipment is matched, the weak password existing in the target network equipment is stored in a risk rectification library of the risk discovery module to wait for further processing.
As a preferable implementation manner of this embodiment, the third step further includes:
and the wind control center arranges the received risks to generate an rectification task list with rectification task state information, and displays the rectification task list through the display module. The rectification task state information comprises a to-be-assigned state, a to-be-received state, a rectification in-process state, a to-be-checked state and a check-up completion state, wherein the to-be-assigned state is defined as a task state corresponding to a risk that a rectification person is not assigned to carry out rectification, the to-be-received state is defined as a task state corresponding to a risk that a work order is generated and issued to the rectification person to carry out rectification, the rectification in-process state is positioned as a task state corresponding to a risk that the rectification person receives the work order, the to-be-checked state is defined as a task state corresponding to a risk that the rectification person completes rectification, and the check-up completion state is defined as a task state corresponding to a risk that a check-up person successfully checks up the rectification result.
Based on the generation of the rectification task list, as shown in fig. 3, the third step specifically includes:
s1: the wind control center generates a work order according to the received risk, and the task state corresponding to the risk displayed by the display module is a state to be assigned;
s2: the wind control center assigns a reforming person for the work order and issues the work order to the assigned reforming person, and the task state corresponding to the risk displayed by the display module is a state to be received;
s3: the trustee receives the task, and the task state corresponding to the risk displayed by the display module is a trusteeship state;
s4: the truer finishes the truing and submitting, and the task state corresponding to the risk displayed by the display module is a to-be-checked state;
s5: the wind control center completes system acceptance check after traversing and matching the rectified target network equipment according to the pre-stored risks, verifies whether the loophole can be found or not through loophole scanning, if the loophole is not found, the risk is successfully treated, otherwise, the risk fails, and in the system acceptance check process, the task state corresponding to the risk displayed by the display module is a to-be-accepted state;
s6: after the system is checked and accepted, the checking and accepting person receives the result of the rectification and modification person and performs manual checking and acceptance, and the task state corresponding to the risk displayed by the display module is a to-be-checked and accepted state;
s7: when the manual acceptance fails, returning to S3;
s8: and when the manual acceptance passes, the acceptance of the acceptance person is successful, the work order is finished, and the task state corresponding to the risk displayed by the display module is the acceptance completion state.
To sum up, the network equipment security vulnerability early warning system of the application realizes self-defined scanning tasks of immediate, delay, period and cyclic execution through configuration, supports the risk scanning of the independent engine and the third-party engine such as POC, weak password, vulnerability analysis and the like, and realizes comprehensive vulnerability scanning of the target network equipment on the basis of abundant engine bottom data, thereby ensuring that each existing vulnerability is found, any risk is not omitted, and the scanned risk can be timely submitted to a wind control center in a manual or automatic mode for risk rectification. Meanwhile, the network equipment security vulnerability early warning system has complete emergency response and disposal working procedures, closed-loop treatment of risks is formed, and risk disposal efficiency of security vulnerabilities is improved. And vulnerability threat intelligence can be shared, cooperative disposal is realized, and support is provided for efficient disposal of risks.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments or portions thereof without departing from the spirit and scope of the invention.
Claims (7)
1. A network equipment security vulnerability early warning system is characterized by comprising a risk discovery module for discovering risks, a wind control center for risk disposal of the risks and a display module for displaying risk disposal results; the working method of the network equipment security vulnerability early warning system comprises the following steps:
the method comprises the following steps: the risk discovery module carries out risk scanning on the target network equipment through a plurality of vulnerability scanning engines;
step two: according to the risks discovered by scanning, automatically or manually submitting the risks to the wind control center for risk treatment;
step three: the wind control center arranges the received risks to generate a work order, distributes the work order to an rectifying person, the rectifying person obtains a pre-stored risk disposal strategy from a risk rectifying library preset in the wind control center to rectify the risks, and after the rectifying person finishes rectifying, sends the rectified result to an acceptance checker to accept the disposal result;
step four: and after the acceptance of the acceptance person is finished, the display module receives the disposal result and displays the disposal result.
2. The network device security vulnerability pre-warning system of claim 1, wherein the vulnerability scanning engine comprises a POC scanning engine, a vulnerability scanning engine, a weak password scanning engine.
3. The network device security vulnerability pre-warning system of claim 2, wherein the risk comprises a vulnerability, a threat, a weak password.
4. The network device security vulnerability early warning system according to claim 3, wherein the first step specifically comprises:
the risk discovery module carries out risk scanning on target network equipment through the vulnerability scanning engine, the vulnerability scanning engine carries out technical version matching with vulnerability influence range information in a vulnerability library of the risk discovery module after acquiring relevant information of a TCP/IP port and corresponding network access service of the target network equipment based on the identification of the target network equipment, and when successful matching is carried out, possible vulnerabilities of the target network equipment are stored in a risk correction library of the risk discovery module for further processing;
the risk discovery module carries out risk scanning on target network equipment through the POC scanning engine, the POC scanning engine acquires prestored vulnerability attack codes and carries out traversal vulnerability attack test on related data of the target network equipment, and when the attack is successful, vulnerabilities existing in the target network equipment are stored in a risk rectification library of the risk discovery module to wait for the next processing;
the risk discovery module carries out risk scanning on the target network equipment through the weak password scanning engine, the weak password scanning engine selects a corresponding weak password dictionary from a preset weak password library according to application program information corresponding to an open port of the target network equipment, traversal matching is carried out on the application program information of the target network equipment, and when a weak password exposed by the application program of the target network equipment is matched, the weak password existing in the target network equipment is stored in a risk rectification library of the risk discovery module to wait for further processing.
5. The network device security vulnerability early warning system of claim 1, wherein the third step further comprises:
and the wind control center arranges the received risks to generate an rectification task list with rectification task state information, and displays the rectification task list through the display module.
6. The network device security vulnerability early warning system according to claim 5, wherein the rectification task state information comprises a to-be-assigned state, a to-be-received state, a rectification in-process state, a to-be-verified state and a verification completed state, the to-be-assigned state is defined as a task state corresponding to a risk that a rectification person is not assigned to carry out rectification, the to-be-received state is defined as a task state corresponding to a risk that a work order has been generated and issued to the rectification person to carry out rectification, the rectification in-process state is positioned as a task state corresponding to a risk that the rectification person has received the work order, the to-be-verified state is defined as a task state corresponding to a risk that the rectification person has completed rectification, and the verification completed state is defined as a task state corresponding to a risk that a verification result is successfully verified by a verifier.
7. The network device security vulnerability early warning system according to claim 6, wherein the third step specifically comprises:
s1: the wind control center generates a work order according to the received risk, and the task state corresponding to the risk displayed by the display module is a state to be assigned;
s2: the wind control center assigns a modifier for the work order and issues the work order to the assigned modifier, and the task state corresponding to the risk displayed by the display module is a state to be received;
s3: the trustee receives the task, and the task state corresponding to the risk displayed by the display module is a trusteeship state;
s4: the truer finishes the truing and submitting, and the task state corresponding to the risk displayed by the display module is a to-be-checked state;
s5: the wind control center completes system acceptance check after traversing and matching the rectified target network equipment according to the pre-stored risk, and the task state corresponding to the risk displayed by the display module is a to-be-accepted state;
s6: after the system is checked and accepted, the checking and accepting person receives the result of the rectification and modification person and performs manual checking and acceptance, and the task state corresponding to the risk displayed by the display module is a to-be-checked and accepted state;
s7: when the manual acceptance fails, returning to S3;
s8: and when the manual acceptance passes, the acceptance of the acceptance person is successful, the work order is finished, and the task state corresponding to the risk displayed by the display module is an acceptance completion state.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210474017.5A CN114884719A (en) | 2022-04-29 | 2022-04-29 | Network equipment security vulnerability early warning system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210474017.5A CN114884719A (en) | 2022-04-29 | 2022-04-29 | Network equipment security vulnerability early warning system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114884719A true CN114884719A (en) | 2022-08-09 |
Family
ID=82673148
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210474017.5A Pending CN114884719A (en) | 2022-04-29 | 2022-04-29 | Network equipment security vulnerability early warning system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114884719A (en) |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8201257B1 (en) * | 2004-03-31 | 2012-06-12 | Mcafee, Inc. | System and method of managing network security risks |
CN104778414A (en) * | 2015-05-06 | 2015-07-15 | 广州万方计算机科技有限公司 | Vulnerability management system and method |
CN105471919A (en) * | 2016-01-15 | 2016-04-06 | 成都智扬易方软件有限公司 | Network security vulnerability scanning and managing system |
CN108737425A (en) * | 2018-05-24 | 2018-11-02 | 北京凌云信安科技有限公司 | Fragility based on multi engine vulnerability scanning association analysis manages system |
CN109583711A (en) * | 2018-11-13 | 2019-04-05 | 合肥优尔电子科技有限公司 | A kind of security risk assessment whole process management system |
CN110069930A (en) * | 2019-04-29 | 2019-07-30 | 广东电网有限责任公司 | A kind of loophole restorative procedure, device and computer readable storage medium |
CN111199042A (en) * | 2019-12-17 | 2020-05-26 | 中国南方电网有限责任公司超高压输电公司 | Safe and efficient vulnerability management system |
CN112511512A (en) * | 2020-11-19 | 2021-03-16 | 北京凌云信安科技有限公司 | Vulnerability scanning engine and risk management system of threat detection engine |
CN113704767A (en) * | 2021-08-10 | 2021-11-26 | 北京凌云信安科技有限公司 | Vulnerability scanning engine and vulnerability worksheet management fused vulnerability management system |
CN113901477A (en) * | 2021-10-13 | 2022-01-07 | 湖北天融信网络安全技术有限公司 | Vulnerability repair method and device based on Jira work order system, computer equipment and storage medium |
-
2022
- 2022-04-29 CN CN202210474017.5A patent/CN114884719A/en active Pending
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8201257B1 (en) * | 2004-03-31 | 2012-06-12 | Mcafee, Inc. | System and method of managing network security risks |
CN104778414A (en) * | 2015-05-06 | 2015-07-15 | 广州万方计算机科技有限公司 | Vulnerability management system and method |
CN105471919A (en) * | 2016-01-15 | 2016-04-06 | 成都智扬易方软件有限公司 | Network security vulnerability scanning and managing system |
CN108737425A (en) * | 2018-05-24 | 2018-11-02 | 北京凌云信安科技有限公司 | Fragility based on multi engine vulnerability scanning association analysis manages system |
CN109583711A (en) * | 2018-11-13 | 2019-04-05 | 合肥优尔电子科技有限公司 | A kind of security risk assessment whole process management system |
CN110069930A (en) * | 2019-04-29 | 2019-07-30 | 广东电网有限责任公司 | A kind of loophole restorative procedure, device and computer readable storage medium |
CN111199042A (en) * | 2019-12-17 | 2020-05-26 | 中国南方电网有限责任公司超高压输电公司 | Safe and efficient vulnerability management system |
CN112511512A (en) * | 2020-11-19 | 2021-03-16 | 北京凌云信安科技有限公司 | Vulnerability scanning engine and risk management system of threat detection engine |
CN113704767A (en) * | 2021-08-10 | 2021-11-26 | 北京凌云信安科技有限公司 | Vulnerability scanning engine and vulnerability worksheet management fused vulnerability management system |
CN113901477A (en) * | 2021-10-13 | 2022-01-07 | 湖北天融信网络安全技术有限公司 | Vulnerability repair method and device based on Jira work order system, computer equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10878106B2 (en) | Firmware verification | |
CN104077531B (en) | System vulnerability appraisal procedure, device and system based on open vulnerability assessment language | |
US8291405B2 (en) | Automatic dependency resolution by identifying similar machine profiles | |
CN111611591B (en) | Firmware bug detection method and device, storage medium and electronic equipment | |
CN110929264B (en) | Vulnerability detection method and device, electronic equipment and readable storage medium | |
CN105955884B (en) | App page white screen inspection method and device | |
CN107563205A (en) | Typical smart machine leak detection method and permeability apparatus | |
CN112685743A (en) | Automatic reinforcing method and system for host security baseline | |
CN106372496A (en) | Method and system for improving payment terminal application security | |
CN110717184A (en) | Distributed safety test system | |
Marksteiner et al. | A process to facilitate automated automotive cybersecurity testing | |
CN114884719A (en) | Network equipment security vulnerability early warning system | |
US20240020960A1 (en) | Neural Network Host Platform for Detecting Anomalies in Cybersecurity Modules | |
CN110717315B (en) | System data batch modification method and device, storage medium and electronic equipment | |
CN111767218A (en) | Automatic testing method, equipment and storage medium for continuous integration | |
KR102589662B1 (en) | compliance management system through automatic diagnosis of infrastructure asset threat and method therefor | |
CN115361203A (en) | Vulnerability analysis method based on distributed scanning engine | |
CN106156627B (en) | The treating method and apparatus of automatic information system loophole risk | |
CN114491555A (en) | Equipment safety detection method and device, computer equipment and storage medium | |
CN114329486A (en) | Asset vulnerability management method and device, electronic equipment and storage medium | |
CN114095218A (en) | Asset vulnerability management method and device | |
CN112328996A (en) | Operation authentication method, device, equipment and storage medium based on DCS system | |
CN112579453A (en) | Task testing method, device, equipment and storage medium | |
CN112783532A (en) | Program testing system and device for financial terminal equipment | |
CN113419944B (en) | Initialization method and device for fuzz test and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |