CN107707578A - Cloud service assets based on vulnerability scanning are met an urgent need scan method - Google Patents
Cloud service assets based on vulnerability scanning are met an urgent need scan method Download PDFInfo
- Publication number
- CN107707578A CN107707578A CN201711214889.3A CN201711214889A CN107707578A CN 107707578 A CN107707578 A CN 107707578A CN 201711214889 A CN201711214889 A CN 201711214889A CN 107707578 A CN107707578 A CN 107707578A
- Authority
- CN
- China
- Prior art keywords
- cloud service
- leak
- asset
- scan method
- vulnerability scanning
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to Security Vulnerability Detection, it discloses a kind of emergent scan method of cloud service assets based on vulnerability scanning, in the security of the very first time detection cloud service assets of high-risk leak outburst, protecting platform assets security.This method comprises the following steps:A. when high-risk leak breaks out, the POC checking scripts of new leak are write;B. the asset data inquired about in cloud service asset management storehouse;C. call the newest POC of renewal to verify script, leak inspection is carried out to the asset data of inquiry;D. determine whether that new leak occurs, if so, then informing asset owner in time.
Description
Technical field
The present invention relates to Security Vulnerability Detection, and in particular to a kind of cloud service assets based on vulnerability scanning are emergent to sweep
Retouch method.
Background technology
With the fast development of internet, plus the popularization of agile development, existing research staff uses third party's framework and entered
Exercise and use or develop.And the another aspect of internet development, the network security problem attacked using leak become increasingly tight
Weight, if the very first time high-risk leak can be apprised of, security protection can be carried out as early as possible, reduces loss.
Conventional Hole Detection is that periodically local network application is leaked by hole scanner according to demand by user
Hole is scanned, and this mode has hysteresis quality, it is impossible to finds leak in time, potential safety hazard be present.
The content of the invention
The technical problems to be solved by the invention are:It is proposed that a kind of cloud service assets based on vulnerability scanning are met an urgent need scanning side
Method, in the security of the very first time detection cloud service assets of high-risk leak outburst, protecting platform assets security.
The present invention solves the technical scheme that above-mentioned technical problem uses:
Cloud service assets based on vulnerability scanning are met an urgent need scan method, are comprised the following steps:
A. when high-risk leak breaks out, the POC checking scripts of new leak are write;
B. the asset data inquired about in cloud service asset management storehouse;
C. call the newest POC of renewal to verify script, leak inspection is carried out to the asset data of inquiry;
D. determine whether that new leak occurs, if so, then informing asset owner in time.
Optimize as further, in step a, when high-risk leak breaks out, new leakage is write by cloud service platform technical staff
The POC checking scripts in hole.
Optimize as further, in step b, the asset data includes the host ip in cloud service asset management, domain name.
Optimize as further, in step d, if there is new leak to occur, the mailbox of the queries asset owner, pass through mail
Inform asset owner.
The beneficial effects of the invention are as follows:
In the very first time of leak outburst, by calling new validating vulnerability script, the networked asset in asset management is entered
Row answers acute detection in time, ensures assets security;If it find that assets have leak, money will be sent mail to the very first time
The owner or custodian are produced, informs carry out leak repairing.
Brief description of the drawings
Fig. 1 is the emergent scan method flow chart of the cloud service assets based on vulnerability scanning in the present invention.
Embodiment
The scan method the present invention is directed to propose a kind of cloud service assets based on vulnerability scanning are met an urgent need, breaks out in high-risk leak
The very first time detection cloud service assets security, protecting platform assets security.The solution of the present invention core concept is:Leaking
The very first time of hole outburst, new validating vulnerability script is called by writing, the networked asset in asset management in time should
Acute detection, ensure assets security;If it find that assets have leak, the very first time asset owner will be sent mail to
Or custodian, inform carry out leak repairing;It is mainly used in all assets informations of emergency monitoring platform, is protected within the very first time
Protect the safety of platform management assets.
As shown in figure 1, the cloud service assets based on vulnerability scanning in the present invention are met an urgent need, scan method includes implemented below
Step:
A. when high-risk leak breaks out, the POC checking scripts of new leak are write;
In step a, the POC that new leak is write by cloud service platform technical staff verifies script, so can be according to network
The Safety actuality very first time designs vulnerability scanning script.
B. the asset data inquired about in cloud service asset management storehouse;
In step b, the asset data in cloud service asset management storehouse generally includes the IP of main frame of management, domain name, and this
A little asset datas easily become the object of assault.
C. call the newest POC of renewal to verify script, leak inspection is carried out to the asset data of inquiry.
In step c, after queries asset data, directly invoking the POC checking scripts write can be to new leak
It is scanned and detects.
D. determine whether that new leak occurs, if so, then informing asset owner in time.
In step d, if there is new leak to occur, the mailbox of the queries asset owner, asset owner is informed by mail,
So that asset owner carries out leak repairing in time, assets security is improved.
Claims (4)
- The scan method 1. the cloud service assets based on vulnerability scanning are met an urgent need, it is characterised in that comprise the following steps:A. when high-risk leak breaks out, the POC checking scripts of new leak are write;B. the asset data inquired about in cloud service asset management storehouse;C. call the newest POC of renewal to verify script, leak inspection is carried out to the asset data of inquiry;D. determine whether that new leak occurs, if so, then informing asset owner in time.
- 2. the emergent scan method of the cloud service assets based on vulnerability scanning as claimed in claim 1, it is characterised in that step a In, when high-risk leak breaks out, the POC that new leak is write by cloud service platform technical staff verifies script.
- 3. the emergent scan method of the cloud service assets based on vulnerability scanning as claimed in claim 1, it is characterised in that step b In, the asset data includes the host ip in cloud service asset management storehouse, domain name.
- 4. the emergent scan method of the cloud service assets based on vulnerability scanning as claimed in claim 1, it is characterised in that step d In, if there is new leak to occur, the mailbox of the queries asset owner, asset owner is informed by mail.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711214889.3A CN107707578A (en) | 2017-11-28 | 2017-11-28 | Cloud service assets based on vulnerability scanning are met an urgent need scan method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711214889.3A CN107707578A (en) | 2017-11-28 | 2017-11-28 | Cloud service assets based on vulnerability scanning are met an urgent need scan method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107707578A true CN107707578A (en) | 2018-02-16 |
Family
ID=61185971
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711214889.3A Pending CN107707578A (en) | 2017-11-28 | 2017-11-28 | Cloud service assets based on vulnerability scanning are met an urgent need scan method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107707578A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112671609A (en) * | 2020-12-21 | 2021-04-16 | 哈尔滨工大天创电子有限公司 | Asset census and safety detection method and device and terminal equipment |
CN113158195A (en) * | 2021-04-09 | 2021-07-23 | 上海碳泽信息科技有限公司 | Distributed vulnerability scanning method and system based on POC script |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9135405B2 (en) * | 2011-05-26 | 2015-09-15 | Carnegie Mellon University | Automated exploit generation |
CN106453386A (en) * | 2016-11-09 | 2017-02-22 | 深圳市魔方安全科技有限公司 | Automatic internet asset monitoring and risk detecting method based on distributed technology |
CN107094158A (en) * | 2017-06-27 | 2017-08-25 | 四维创智(北京)科技发展有限公司 | The fragile analysis system of one kind automation intranet security |
CN107277080A (en) * | 2017-08-23 | 2017-10-20 | 深信服科技股份有限公司 | A kind of is the internet risk management method and system of service based on safety |
-
2017
- 2017-11-28 CN CN201711214889.3A patent/CN107707578A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9135405B2 (en) * | 2011-05-26 | 2015-09-15 | Carnegie Mellon University | Automated exploit generation |
CN106453386A (en) * | 2016-11-09 | 2017-02-22 | 深圳市魔方安全科技有限公司 | Automatic internet asset monitoring and risk detecting method based on distributed technology |
CN107094158A (en) * | 2017-06-27 | 2017-08-25 | 四维创智(北京)科技发展有限公司 | The fragile analysis system of one kind automation intranet security |
CN107277080A (en) * | 2017-08-23 | 2017-10-20 | 深信服科技股份有限公司 | A kind of is the internet risk management method and system of service based on safety |
Non-Patent Citations (1)
Title |
---|
谭君等: "远程漏洞评估方法与设计", 《电子技术与软件工程》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112671609A (en) * | 2020-12-21 | 2021-04-16 | 哈尔滨工大天创电子有限公司 | Asset census and safety detection method and device and terminal equipment |
CN113158195A (en) * | 2021-04-09 | 2021-07-23 | 上海碳泽信息科技有限公司 | Distributed vulnerability scanning method and system based on POC script |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104917749B (en) | account registration method and device | |
Syalim et al. | Comparison of risk analysis methods: Mehari, magerit, NIST800-30 and microsoft's security management guide | |
Kechagias et al. | Digital transformation of the maritime industry: A cybersecurity systemic approach | |
US20240176879A1 (en) | Generating Simulated Spear Phishing Messages and Customized Cybersecurity Training Modules Using Machine Learning | |
CN104021467A (en) | Method and device for protecting payment security of mobile terminal and mobile terminal | |
US11637870B2 (en) | User responses to cyber security threats | |
CN110909384B (en) | Method and device for determining business party revealing user information | |
CN103139155A (en) | Processing method, equipment and system of reporting information | |
CN106571998A (en) | Parking contact method and system capable of protecting privacy and convenient to contact | |
CN107707578A (en) | Cloud service assets based on vulnerability scanning are met an urgent need scan method | |
US20230086249A1 (en) | Email Verification Using Injected Tokens for Message Authentication | |
CN110851872A (en) | Risk assessment method and device for private data leakage | |
Semer | AUDITING THE BYOD PROGRAM. | |
CN104038488A (en) | System network safety protection method and device | |
Heering | Ensuring cybersecurity in shipping: Reference to Estonian shipowners | |
CN105430195A (en) | Data transmission method | |
CN106936807A (en) | A kind of recognition methods of malicious operation and device | |
CN110290512A (en) | Secondary number of distributing telephone numbers determines method, apparatus | |
CN104917738A (en) | Finance platform data processing method and system | |
Bautista-Villalpando et al. | A Data Security Framework for Cloud Computing Services. | |
CN110149267A (en) | A kind of method, equipment and system monitoring social software | |
CN115499840A (en) | Security assessment system and method for mobile internet | |
CN112532790B (en) | Short message processing method, system, terminal device and storage medium | |
KR101857969B1 (en) | Method and Apparatus for Determining Risk of Fraudulent Mail | |
CN112765622A (en) | Digital certificate management method, device, equipment and medium for electronic bill of lading |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180216 |