CN107480532A - Regression testing method based on vulnerability scanning - Google Patents

Regression testing method based on vulnerability scanning Download PDF

Info

Publication number
CN107480532A
CN107480532A CN201710651876.6A CN201710651876A CN107480532A CN 107480532 A CN107480532 A CN 107480532A CN 201710651876 A CN201710651876 A CN 201710651876A CN 107480532 A CN107480532 A CN 107480532A
Authority
CN
China
Prior art keywords
leak
regression
regression test
test database
data message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710651876.6A
Other languages
Chinese (zh)
Inventor
吴思宏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Changhong Electric Co Ltd
Original Assignee
Sichuan Changhong Electric Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Changhong Electric Co Ltd filed Critical Sichuan Changhong Electric Co Ltd
Priority to CN201710651876.6A priority Critical patent/CN107480532A/en
Publication of CN107480532A publication Critical patent/CN107480532A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The invention discloses a kind of regression testing method based on vulnerability scanning, including:Platform leak is scanned comprehensively;Data message deposit regression test database corresponding to the leak of appearance will be scanned;After user changes platform leak, regression test database is called, platform is scanned;And the data message of last regression test database is emptied, and data message corresponding to the leak of this test reproduction is write into regression test database;After each regression test end of scan, judge whether data message corresponding to the leak of regression test database storage meets standard, terminate to scan if standard is met;The present invention can effectively improve scan efficiency, save the time.

Description

Regression testing method based on vulnerability scanning
Technical field
The present invention relates to technical field of network security, and in particular to a kind of regression testing method based on vulnerability scanning.
Background technology
With the development of information age, national development enters Internet era, and country encourages masses to start an undertaking, therefore in Small company's platform emerges in an endless stream, but because technology is not as big companies' maturation, it is limited plus starting fund, it is impossible to which that purchase is big The service of type enterprise, so answering the demand product to generate this technical tactic, belong to industry class innovation and application first.
Existing secure scanner or service, are not provided with regression testing policy, and methods and strategies cost of implementation is low It is honest and clean, very high trade benefit and technical benefits can be produced.Prior art does not return the methods and strategies of scanning, so to returning The platform of test, all it is to carry out full leak script scans, excessive load can be so caused to server, to the platform of client just Often operation, which will also result in, significantly affects, and efficiency is low.This methods and strategies can be reduced 80% and swept in regression test Time overhead is retouched, increases the project that can be scanned, reduces a variety of benefits such as server stress.
The content of the invention
Instant invention overcomes the deficiencies in the prior art, there is provided a kind of regression testing method based on vulnerability scanning, it is intended to carry Height scanning user changes the regression test efficiency after leak, reduces consumption of the service product to hardware resource, and reduce to The counter productive that family detection of platform is brought.
In view of the above mentioned problem of prior art, according to one side disclosed by the invention, the present invention uses following technology Scheme:
A kind of regression testing method based on vulnerability scanning, including:
Step 1: platform leak is scanned comprehensively;
Step 2: will scan data message corresponding to the leak of appearance is stored in regression test database;
Step 3: after user changes platform leak, regression test database is called, platform is scanned;It is and clear The data message of empty last regression test database, and data message write-in corresponding to the leak of this test reproduction is returned Test database;
Step 4: after each regression test end of scan, number corresponding to the leak of regression test database storage is judged It is believed that whether breath meets standard, terminate to scan if standard is met, conversely, then repeat step three.
In order to which the present invention is better achieved, further technical scheme is:
According to one embodiment of the invention, in the case where regression test database is sky, regression test number is destroyed According to storehouse.
According to another embodiment of the invention, data message corresponding to the leak is the script name of leak.
According to another embodiment of the invention, database storage leak corresponding data information is replaced using json strings Mode.
The present invention can also be:
According to another embodiment of the invention, data corresponding to the leak for judging the storage of regression test database The whether standard compliant mode of information is whether the data message of the regression test database is empty.
Compared with prior art, one of beneficial effects of the present invention are:
A kind of regression testing method based on vulnerability scanning of the present invention, when solving regression test, traditional is complete Time and the wasting of resources caused by vulnerability scanning script is run, and the service impact to caused by user platform;The present invention can be with It is effective to improve scan efficiency, the time is saved, and specific aim is stronger.
Brief description of the drawings
, below will be to embodiment for clearer explanation present specification embodiment or technical scheme of the prior art Or the required accompanying drawing used is briefly described in the description of prior art, it should be apparent that, drawings in the following description are only It is the reference to some embodiments in present specification, for those skilled in the art, is not paying creative work In the case of, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is the regression test schematic flow sheet based on vulnerability scanning according to one embodiment of the invention.
Embodiment
The present invention is described in further detail with reference to embodiment, but the implementation of the present invention is not limited to this.
As shown in figure 1, Fig. 1 shows the regression test flow according to an embodiment of the invention based on vulnerability scanning, Including:
Step 1, vulnerability scanning mode traditionally carry out first scan;
After step 2, scanning start a leak, the leak that will appear from corresponds to script name deposit regression test database;
Step 3, when user has changed platform leak, regression test service is called in application, and engine directly invokes regression test Database, platform is scanned;
Step 4, regression test database empty, regression test reproduction leak write-in regression test database;
Step 5, the regression test end of scan, judge whether regression test database is empty, if regression test database It is not sky, is repeated from the 3rd step, if regression test database is sky, into step 6;
Step 6, destroy the project regression test database.
(second test) is tested present invention is mainly used for the multiple regression to system, the plan is added in Vulnerability-scanning technology Slightly, it is intended to scan efficiency when improving regression test and the saving to products-hardware resource, wherein having used database to deposit The temporarily below standard ephemeral data of client is put, and database is deleted after up to standard, reclaims hardware resource, while it is hidden to reach protection user The effect of private data.
Wherein, temporary hole information is deposited with database for more than, and is deleted after qualified, it is possible to use similar side Case, such as gone here and there and replaced with json.Number for regression test can be multiple, and the mark of end can be just calculation flow knot up to standard Beam.
To sum up, the present invention is applied to vulnerability scanning engine direction, is a kind of methods and strategies, so as to provide a kind of spirit to client Cheap purchase service plan living, reduces resource overhead in itself to server.Caused by when solving vulnerability scanning regression test Ample resources wastes, and improves scan efficiency, reduces server resource temporary rate;Effect:Existing script bank 5w+, a platform Leak most 500, regression test (i.e. second test) at least improve efficiency 99%.
" one embodiment " for being spoken of in this manual, " another embodiment ", " embodiment ", etc., refer to tying Specific features, structure or the feature for closing embodiment description are included at least one embodiment of the application generality description In.It is not necessarily to refer to same embodiment that statement of the same race, which occur, in multiple places in the description.Appoint furthermore, it is understood that combining When one embodiment describes a specific features, structure or feature, what is advocated is this to realize with reference to other embodiment Feature, structure or feature are also fallen within the scope of the present invention.
Although reference be made herein to invention has been described for multiple explanatory embodiments of the invention, however, it is to be understood that Those skilled in the art can be designed that a lot of other modifications and embodiment, and these modifications and embodiment will fall in this Shen Please be within disclosed spirit and spirit.More specifically, can be to master in the range of disclosure and claim The building block and/or layout for inscribing composite configuration carry out a variety of variations and modifications.Except what is carried out to building block and/or layout Outside variations and modifications, to those skilled in the art, other purposes also will be apparent.

Claims (5)

  1. A kind of 1. regression testing method based on vulnerability scanning, it is characterised in that including:
    Step 1: platform leak is scanned comprehensively;
    Step 2: will scan data message corresponding to the leak of appearance is stored in regression test database;
    Step 3: after user changes platform leak, regression test database is called, platform is scanned;And empty The data message of regression test database, and data message corresponding to the leak of this test reproduction is write into regression test Database;
    Step 4: after each regression test end of scan, data letter corresponding to the leak of regression test database storage is judged Whether breath meets standard, terminates to scan if standard is met, conversely, then repeat step three.
  2. 2. the regression testing method according to claim 1 based on vulnerability scanning, it is characterised in that corresponding to the leak Data message is the script name of leak.
  3. 3. the regression testing method according to claim 1 based on vulnerability scanning, it is characterised in that gone here and there and replaced using json Database deposits the mode of leak corresponding data information.
  4. 4. the regression testing method according to claim 1 based on vulnerability scanning, it is characterised in that described to judge to return survey Try the data that the whether standard compliant mode of data message corresponding to the leak of database storage is the regression test database Whether information is empty.
  5. 5. the regression testing method according to claim 4 based on vulnerability scanning, it is characterised in that in regression test data In the case that sky is in storehouse, regression test database is destroyed.
CN201710651876.6A 2017-08-02 2017-08-02 Regression testing method based on vulnerability scanning Pending CN107480532A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710651876.6A CN107480532A (en) 2017-08-02 2017-08-02 Regression testing method based on vulnerability scanning

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710651876.6A CN107480532A (en) 2017-08-02 2017-08-02 Regression testing method based on vulnerability scanning

Publications (1)

Publication Number Publication Date
CN107480532A true CN107480532A (en) 2017-12-15

Family

ID=60598192

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710651876.6A Pending CN107480532A (en) 2017-08-02 2017-08-02 Regression testing method based on vulnerability scanning

Country Status (1)

Country Link
CN (1) CN107480532A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108536600A (en) * 2018-04-12 2018-09-14 平安普惠企业管理有限公司 Regression testing method, unit and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103955429A (en) * 2014-05-16 2014-07-30 北京金山网络科技有限公司 Method and device for determining regression testing range
CN104750601A (en) * 2013-12-25 2015-07-01 中国移动通信集团吉林有限公司 Test method and test device
CN105117335A (en) * 2015-08-26 2015-12-02 卡斯柯信号有限公司 Method for automated verification and regression test of software unit
CN106526367A (en) * 2016-10-26 2017-03-22 深圳市赛格导航科技股份有限公司 Electronic equipment testing method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104750601A (en) * 2013-12-25 2015-07-01 中国移动通信集团吉林有限公司 Test method and test device
CN103955429A (en) * 2014-05-16 2014-07-30 北京金山网络科技有限公司 Method and device for determining regression testing range
CN105117335A (en) * 2015-08-26 2015-12-02 卡斯柯信号有限公司 Method for automated verification and regression test of software unit
CN106526367A (en) * 2016-10-26 2017-03-22 深圳市赛格导航科技股份有限公司 Electronic equipment testing method and device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108536600A (en) * 2018-04-12 2018-09-14 平安普惠企业管理有限公司 Regression testing method, unit and computer readable storage medium

Similar Documents

Publication Publication Date Title
Lichtenthaler Shared value innovation: Linking competitiveness and societal goals in the context of digital transformation
Castka et al. Management systems standards: Diffusion, impact and governance of ISO 9000, ISO 14000, and other management standards
CN109635276B (en) Information matching method and terminal
US10860295B1 (en) Automated detection of ambiguities in software design diagrams
EP2643753B1 (en) Method to measure software reuse and corresponding computer program product
CN101242279A (en) Automatic penetration testing system and method for WEB system
CN103313289A (en) Wap system automatic test system and method
CN105959331B (en) The optimization method and device of firewall policy
Fransen et al. Introduction to the special issue: Public and private labor standards policy in the global economy
van Zelst et al. Detection and removal of infrequent behavior from event streams of business processes
CN110827002A (en) Workflow-based approval method and workflow engine
CN110941674A (en) Block chain-based compliance audit method, device, system and storage medium
CN111667141A (en) Pending task case processing method, device, equipment and storage medium
CN107480532A (en) Regression testing method based on vulnerability scanning
Song et al. Timed modeling and verification of BPEL processes using time Petri nets
US8214236B2 (en) Developing and sustaining capabilities of a business
CN112613887B (en) Customer relationship management method and system based on big data
US8949787B2 (en) Locating isolation points in an application under multi-tenant environment
TWI446282B (en) System and method for tips in dynamic audit
Zou et al. Live instance migration with data consistency in composite service evolution
CN110674380B (en) Data query method, system, readable storage medium and intelligent device
Amuda-Yusuf et al. Barriers to Electronic Tendering Adoption by Organisations in Nigerian Construction Industry
An Service-Oriented Architecture (SOA) is not just another product or technology to be added to the IT environment. Rather, SOA requires significant and often fairly far-reaching changes to truly reap all the benefits of adopting SOA. To successfully adopt SOA, a company must create a plan that addresses the full extent of the changes required for SOA.
Wongthongchai et al. The influence of green training on green supply chain management practices and Firm’s performance
Habarta Socio-Economic Models of Latin American States

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20171215