CN110727947A - Security vulnerability processing method, device, equipment and readable storage medium - Google Patents


Info

Publication number
CN110727947A
Authority
CN
China
Prior art keywords
data
security vulnerability
target
research
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910876477.9A
Other languages
Chinese (zh)
Inventor
谢玉茹
章丹青
周国强
宗浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Kodak Technology Co Ltd
Suzhou Keda Technology Co Ltd
Original Assignee
Suzhou Kodak Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Kodak Technology Co Ltd filed Critical Suzhou Kodak Technology Co Ltd
Priority to CN201910876477.9A priority Critical patent/CN110727947A/en
Publication of CN110727947A publication Critical patent/CN110727947A/en
Pending legal-status Critical Current

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/951Indexing; Web crawling techniques

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Computing Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a security vulnerability processing method, apparatus, device and readable storage medium. In this technical scheme, a web crawler acquires webpage data from a webpage project management system; the webpage data includes irregular project content entered manually by research and development personnel. The webpage data is parsed to obtain security vulnerability data and the target attributes of that data; the security vulnerability data is converted using the target attributes to obtain a target file; and the target file is sent to an information display terminal of the research and development personnel so that they can process the security vulnerabilities. The scheme solves the prior-art problems that manual processing of defect data is inefficient and that research and development personnel are unaware of BUG status, while avoiding damage to the data of the webpage project management system.

Description

Security vulnerability processing method, device, equipment and readable storage medium
Technical Field
The present invention relates to the field of computer application technologies, and in particular, to a security vulnerability processing method, apparatus, device, and readable storage medium.
Background
At present, many companies use the Redmine system (web-based project management software written in Ruby; a cross-platform project management system built on the Ruby on Rails (ROR) framework) to track BUGs (defects or vulnerabilities in hardware, software, protocol implementations or system security policies, i.e. security vulnerabilities).
The defect data (BUGs) in the Redmine system is stored in a defect management library, and part of Redmine's data can be accessed through a REST API. The API provides resource access and the basic create, update and delete operations. Redmine contains a large number of resources, and in Python-Redmine these resources are accessed through a manager (ResourceManager). The Redmine API exposes defect-statistics interfaces along different dimensions, and defect data can be acquired by calling these API interfaces from Python.
Therefore, many companies use Python to call the API interfaces, acquire defect data (including security defect data) and store it in a database. Acquiring defect data along different dimensions requires access to multiple interfaces, so the implementation is complicated. In addition, the Redmine API is accessed directly, and during access a misoperation may make the resource manager reference point to another variable, polluting the manager and destroying the original data; and if a method that the resource manager does not support is called, the manager raises the corresponding exception.
Otherwise, the defect data has to be downloaded from Redmine manually and the defect situation counted and analyzed by hand, which may damage the original data; when the amount of defect data is large, manual processing is inefficient and research and development personnel are not informed of the current BUG status in time.
In summary, how to effectively solve problems such as the handling of security vulnerabilities is a technical problem that those skilled in the art urgently need to solve.
Disclosure of Invention
The invention aims to provide a security vulnerability processing method, a security vulnerability processing device, security vulnerability processing equipment and a readable storage medium, so that on the premise of protecting original data, security vulnerability data can be quickly obtained and converted into a target file to be sent to research and development personnel for processing.
In order to solve the technical problems, the invention provides the following technical scheme:
a security vulnerability processing method comprises the following steps:
acquiring webpage data from a webpage project management system by using a web crawler; the webpage data comprise irregular project contents manually input by research and development personnel;
analyzing the webpage data to obtain security vulnerability data and target attributes of the security vulnerability data;
converting the security vulnerability data by using the target attribute to obtain a target file;
and sending the target file to an information display terminal of a research and development staff so that the research and development staff can process the security vulnerability.
Preferably, the sending the target file to an information display terminal of a research and development staff so that the research and development staff can process the security vulnerability includes:
judging whether the security vulnerability data belongs to an overdue unfinished project or not;
and if so, sending the target file to the information display terminal.
Preferably, transforming the security vulnerability data by using the target attribute to obtain a target file, including:
acquiring a target project corresponding to the security vulnerability data;
judging whether the target project belongs to an overdue unfinished project or not;
if so, converting the security vulnerability data by using the target attribute to obtain the target file.
Preferably, analyzing the webpage data to obtain the security vulnerability data and the target attribute of the security vulnerability data includes:
acquiring an ID list of research and development personnel, analyzing and screening the webpage data by using the ID list of the research and development personnel, and acquiring security vulnerability data corresponding to the IDs of the research and development personnel and target attributes of the security vulnerability data.
Preferably, transforming the security vulnerability data by using the target attribute to obtain a target file, including:
converting the security vulnerability data into the target file matched with the target attribute according to the corresponding relationship between the attribute and the file format; wherein the target attribute is any one of defect, requirement, task and optimization.
Preferably, the sending the target file to an information display terminal of a research and development staff so that the research and development staff can process the security vulnerability includes:
and emailing the target file to a mail display terminal of the research and development personnel.
Preferably, transforming the security vulnerability data by using the target attribute to obtain a target file, including:
and converting the security vulnerability data into a target file in an Excel format or an html format by using the target attribute.
A security vulnerability processing apparatus, comprising:
the webpage data acquisition module is used for acquiring webpage data from the webpage project management system by utilizing a web crawler; the webpage data comprise irregular project contents manually input by research and development personnel;
the data analysis module is used for analyzing the webpage data to obtain security vulnerability data and target attributes of the security vulnerability data;
the target file acquisition module is used for converting the security vulnerability data by using the target attribute to obtain a target file;
and the target file sending module is used for sending the target file to an information display terminal of a research and development staff so that the research and development staff can process the security vulnerability.
A security vulnerability processing device, comprising:
a memory for storing a computer program;
and the processor is used for realizing the steps of the security vulnerability processing method when the computer program is executed.
A readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the steps of the above-mentioned security vulnerability handling method.
By applying the method provided by the embodiment of the invention, a web crawler is used to acquire webpage data from the webpage project management system; the webpage data includes irregular project content entered manually by research and development personnel. The webpage data is parsed to obtain security vulnerability data and the target attributes of that data; the security vulnerability data is converted using the target attributes to obtain a target file; and the target file is sent to an information display terminal of the research and development personnel so that they can process the security vulnerabilities.
The data acquired by the method includes irregular project content entered manually by research and development personnel; because this content is irregular, it cannot be obtained through the existing Redmine API. Compared with accessing the Redmine database through the Redmine API (application program interface), acquiring webpage data from the webpage project management system with a web crawler yields richer data, is safer, and does not damage the original data. After the webpage data is acquired, it is parsed to obtain the security vulnerability data and the corresponding target attributes; the security vulnerability data is converted using the target attributes to obtain a target file; and the target file is sent to an information display terminal of the research and development personnel, such as a computer or a smart mobile device (for example, a smartphone) capable of displaying information, so that the research and development personnel learn of the security vulnerability in time. That is, the method solves the prior-art problems that manual processing of defect data is inefficient and that research and development personnel are unaware of BUG status, while avoiding damage to the data of the webpage project management system.
Correspondingly, the embodiment of the invention also provides a security vulnerability processing device, equipment and a readable storage medium corresponding to the security vulnerability processing method, which have the technical effects and are not described herein again.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flowchart illustrating an implementation of a security vulnerability handling method according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating an embodiment of a security vulnerability handling method according to the present invention;
FIG. 3 is a diagram illustrating data crawling in accordance with an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a security vulnerability processing apparatus according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a security vulnerability handling apparatus in an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a security vulnerability processing apparatus in an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the disclosure, the invention will be described in further detail with reference to the accompanying drawings and specific embodiments. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The first embodiment is as follows:
Referring to FIG. 1, FIG. 1 is a flowchart illustrating a security vulnerability handling method according to an embodiment of the present invention, the method including the following steps:
S101, acquiring webpage data from a webpage project management system by using a web crawler.
The webpage data includes irregular project content entered manually by research and development personnel.
After logging in to the webpage project management system (such as Redmine), research and development personnel manually enter project content information, such as edited text or other content. Because this project content is edited by users, it is irregular and currently cannot be obtained through the API of the database.
The Web page project management system may be a Web page project management system such as a project management and defect tracking tool (Redmine), an open source project management platform (Taiga), a Web-based project management platform (2-plan), a project scheduling and management tool (gantproject), a flexible open source project management tool (Orangescrum), an open source project management system (Jitamin), a project management application (OpenProject), and the like. For convenience of description, the web project management system is Redmine herein, and the technical solution is described in detail, and reference may be made to specific implementation processes of other specific web project management systems, which are not described in detail herein.
In embodiments of the present invention, the web crawler may be written in advance. Specifically, the web crawler can be written in Python so that it logs in to the Redmine system automatically and obtains the webpage data.
While acquiring webpage data, the web crawler simulates a browser sending requests, extracts the useful data and stores it in a database or a file. That is, the data crawling flow is: crawl, parse, store. The tools required are: a request library (requests), a parsing library (BeautifulSoup) and a store (file).
Opening a webpage works as follows: the browser, acting as the browsing client, sends a request to the server, fetches the server's file to the local machine, and then interprets and displays it. The web crawler can use an HTTP library to send a Request to the target site, for example a GET or POST request, which includes a request header, a request body, and so on. The request header includes: Accept (the text formats accepted locally, txt/html), Accept-Encoding (the accepted text encodings, gzip/deflate/br), Accept-Language (the accepted languages), User-Agent (the accessing browser; if the request header carries no User-Agent client configuration, the server may treat the client as an illegitimate user host), and Referer (the access source).
The crawler then acquires the response content. If the server responds normally, a Response is obtained, whose status code includes: 200 for success, 301 for a redirect, 404 for file not found, 403 for no access permission, and 502 for server error.
After receiving the Response, a normal browser parses the content and displays it to the user; the web crawler, having simulated the browser's request and received the Response, obtains the webpage data. The webpage data depends on the URL the web crawler actually visits: it may be specific data such as a picture or audio/video, or response data indicating whether a response or verification succeeded, such as whether the account password was verified.
S102, analyzing the webpage data to obtain the security vulnerability data and the target attribute of the security vulnerability data.
After the webpage data is obtained by the web crawler, it can be parsed with a parsing library to obtain the security vulnerability data and the corresponding target attributes. Specifically, the html data (i.e., the webpage data) is parsed; a third-party parsing library such as BeautifulSoup can be used to parse the obtained html file and extract the required data from it. The required data is the security vulnerability data, that is, data on the defects, requirements, tasks, optimization improvements and the like of a specific research and development effort. Each item of security vulnerability data corresponds to one or more attributes; the description here takes the case of a single attribute as the example, and the case of multiple attributes can be handled by analogy. Attributes of the security vulnerability data in embodiments of the present invention include, but are not limited to, defects, requirements, tasks, and optimization improvements.
Preferably, the webpage data can be parsed according to the IDs of the research and development personnel, so that each target file can later be sent directly to the information display terminal of the corresponding person. The implementation process comprises: acquiring an ID list of research and development personnel, parsing and screening the webpage data using that ID list, and acquiring the security vulnerability data corresponding to each ID together with the target attributes of that data. The list of developer IDs is obtained from the Redmine system: it can be exported by an administrator or crawled, so that the data can subsequently be screened against it. For example, the names and ID list of the developers in Redmine are exported by the system administrator, and the ID list is put into the script as the key for the subsequent screening of BUGs. Specifically, the personnel list can be exported according to the current department's grouping, that is, the personnel list of each group forms one txt file.
S103, converting the security vulnerability data by using the target attribute to obtain a target file.
Because the security vulnerability data obtained by analysis has no format and order and is inconvenient to view, the security vulnerability data can be converted according to the target data to obtain a target file convenient to view.
Specifically, the security vulnerability data can be converted into a target file matched with the target attribute according to the corresponding relationship between the attribute and the file format; wherein the target attribute is any one of defect, requirement, task and optimization.
When obtaining the target file, the security vulnerability data can be converted into a target file in Excel format or html format using the target attribute. That is to say, the target file obtained in the embodiment of the present invention may specifically be in Excel format or html format. For example, one Excel table is created for each attribute, and the corresponding security vulnerability data is added to the matching table; the Excel tables with the security vulnerability data added are the target files.
Preferably, considering that the BUG processing needs to consume a certain time, in order to avoid repeated processing and reminding of the same BUG, the security vulnerability data can be judged when the target file is converted, so as to determine that the generated target file belongs to an overdue unfinished project. The specific implementation process comprises the following steps:
acquiring a target project corresponding to the security vulnerability data;
judging whether the target item belongs to an overdue unfinished item;
if so, converting the security vulnerability data by using the target attribute to obtain a target file;
and if not, stopping processing the security vulnerability data.
Whether the target project corresponding to the security vulnerability data is an overdue unfinished project thus determines whether the security vulnerability data is processed further. The target project can be recorded by a specific task description, or by a project number and project name.
S104, sending the target file to an information display terminal of a research and development staff so that the research and development staff can process the security vulnerability.
The information display terminal is a terminal device capable of displaying information, such as a computer or a smart mobile terminal, for example a smartphone, a notebook computer or a tablet computer. Specifically, the target file may be emailed to a mail display terminal of the research and development personnel. It should be noted that the target file can be bound to a member of the research and development personnel, so that each target file is sent to the mailbox of the corresponding person for processing.
Preferably, considering that the BUG processing needs to consume a certain time, in order to avoid the repeated reminding of the same BUG, the implementation process may include:
judging whether the security vulnerability data belongs to an overdue unfinished project or not;
if yes, sending the target file to an information display terminal;
if not, ignoring the security vulnerability data, namely not processing the security vulnerability data.
The overdue time is calculated from the current state, the starting time, the planned completion time and the current time in the security vulnerability data; when the overdue time is greater than 0 and the current state is not the completed state, the project corresponding to the security vulnerability data is in the overdue unfinished state.
By applying the method provided by the embodiment of the invention, a web crawler is used to acquire webpage data from the webpage project management system; the webpage data is parsed to obtain security vulnerability data and the target attributes of that data; the security vulnerability data is converted using the target attributes to obtain a target file; and the target file is sent to an information display terminal of the research and development personnel so that they can process the security vulnerabilities.
The data acquired by the method includes irregular project content entered manually by research and development personnel; because this content is irregular, it cannot be obtained through the existing Redmine API. Compared with accessing the Redmine database through the Redmine API (application program interface), acquiring webpage data from the webpage project management system with a web crawler yields richer data, is safer, and does not damage the original data. After the webpage data is acquired, it is parsed to obtain the security vulnerability data and the corresponding target attributes; the security vulnerability data is converted using the target attributes to obtain a target file; and the target file is sent to an information display terminal of the research and development personnel, such as a computer or a smart mobile device (for example, a smartphone) capable of displaying information, so that the research and development personnel learn of the security vulnerability in time. That is, the method solves the prior-art problems that manual processing of defect data is inefficient and that research and development personnel are unaware of BUG status, while avoiding damage to the data of the webpage project management system.
Example two:
To make the security vulnerability processing method provided by the embodiment of the present invention easier to understand, it is described in detail below using a specific application scenario as an example. This embodiment is complementary to the first embodiment described above.
Referring to fig. 2, fig. 2 is a flowchart illustrating an embodiment of a security vulnerability processing method according to the present invention, the method including:
S1: Jenkins configuration, including configuring the scheduled daily build, the post-build mail configuration, and the like. The scheduled daily build means that the server builds the task at a fixed time every day; the post-build mail configuration means that the result (target file) obtained after the script implementing the security vulnerability processing method provided by the embodiment of the invention has finished running is automatically sent to the recipients (research and development personnel) by email. Jenkins is an open source software project: a continuous integration tool developed in Java, used for monitoring continuous, repeated work, which aims to provide an open and easy-to-use software platform that makes continuous integration of software possible.
Source code changes (according to the SCM software version number) may also be checked periodically, followed by checking out the latest code if there is an update, and then performing build actions.
S2: Code synchronization in Git, that is, synchronizing the code on the server to the local machine. The version of the local branch may lag behind the version of the remote branch, so to avoid errors when the code runs, an automatic code synchronization is performed after a build is triggered. Git is a free, open-source distributed version control system for handling projects of any size quickly and efficiently.
S3: The names and ID list of the research and development personnel in Redmine are exported by a system administrator, or the ID list is crawled, and the ID list is put into the script as the key for the subsequent screening of BUGs. The personnel list can be exported according to the current department's grouping, that is, the personnel list of each group forms one txt file. Before the web crawler logs in to the Redmine system automatically, the research and development personnel list is first acquired automatically: if the personnel list exists, the crawler logs in to the OA-Redmine system automatically using the login user name and password stored in the code; if the list does not exist, it exits directly.
For the process of logging in to Redmine, refer to the data crawling schematic diagram shown in fig. 3:
(1) Firefox traffic is captured with Fiddler. The main object a web crawler processes is the url: it fetches the required file content from the url address and then processes it further.
First, the packet capture tool (Fiddler) obtains the response message for the resource at the url of the Redmine webpage, that is, the header information of the resource. At the same time, a request header is submitted to the Redmine server, including the text format that can be accepted locally (txt/html), the content encodings (gzip/deflate/br), the language that can be accepted locally, the browser used for access, the source of the access and so on, so that a data format that can be parsed locally is obtained in the subsequent process.
Fiddler working principle (precondition: the Fiddler proxy is enabled and the browser has been configured for Fiddler): browser <-> Fiddler <-> server.
The relevant configuration consists of setting Fiddler as the HTTP proxy of Firefox, specifically the IP address and port of the HTTP proxy, so that Fiddler can capture Firefox's HTTP requests. (By default, Firefox does not use a proxy; if the corresponding proxy is not set in the browser after Fiddler is started, Fiddler cannot capture the HTTP requests.)
The browser communicates with the server over a TCP connection using the HTTP protocol and, by default, sends its HTTP (or HTTPS) requests directly to the server.
Once Fiddler is in use, the requests the browser sends to the target server pass through the Fiddler proxy, so Fiddler can capture the http(s) requests and interpret, analyze and even rewrite them. All requests from the client pass through Fiddler first and are then forwarded to the corresponding server; conversely, all responses from the server also pass through Fiddler first and are then sent to the client. The captured information mainly includes the url, protocol, status code, body and other session information of the request.
(2) Request the target website to obtain the resource at the url. The html is parsed into objects for processing, and converting all pages into dictionaries or arrays greatly simplifies the processing.
(3) Submit information to the web page. The submitted information comprises the url and the login information of the target website; the login client information is the information captured in step (1).
(4) Obtain the response of the website, which completes the automatic login to the Redmine system.
S4: After the Redmine system has been logged in to successfully, filter the data according to the required conditions. The screening is based on the research and development personnel list acquired in S3: the address in url0 is modified, the ID of each developer is passed in as a parameter, and each pass of the loop screens out the information of one person. S4 is the data screening step, and its specific implementation includes:
(1) after logging in to the Redmine system successfully, obtain the url of the Redmine-filter webpage with the Fiddler tool;
(2) request the target website to obtain the resource at the url of the webpage; parse the html into objects for processing and convert all pages into dictionaries or arrays; the Redmine-filter webpage is now accessed successfully;
(3) carry out the data screening. Modify the address in the url, pass each developer's id into the url as a parameter, and screen out one developer's information in each pass of the loop. Filter out suspended or abandoned issues, calculate the number of overdue days, screen out the overdue bugs, and arrange the overdue issues by ticket number, planned completion time, issue description, responsible developer and overdue time.
Obtaining defect data of different dimensions through multiple interfaces of the Redmine API is complicated to implement. When the Redmine API is accessed directly, a misoperation may cause the resource manager's reference to point to other variables, polluting the manager and destroying the original data during the access; and if a method that the resource manager does not support is used, the manager reports the corresponding exception. With the method provided by the embodiment of the invention, the screening conditions are placed directly in the url so that the data is obtained as required. This implementation is safer, quicker and more time-saving, and avoids having to fetch all the data, screen it, and then store it again after screening.
S5: The data screened out by the preceding steps has no order and no format, so an excel workbook is created before the data is exported and a sheet is created in the workbook. The style, cells, widths and so on of the sheet are then adjusted, and a header row can be added to the sheet: person responsible, days overdue, status, start time, planned completion time, Redmine number, task description. Finally, the data is written to an excel table and to an html file.
Compared with importing the data into a database, importing it into an excel file as provided by the embodiment of the invention stores the data more simply and presents it more visually, and makes the connections between the data easier to see.
Capacity comparison: the amount of data that a MySQL database can hold depends on the structure of the data table and is not a fixed value. The upper limit of a single MySQL table is mainly related to the maximum file size supported by the operating system; the maximum effective table size of a MySQL database is usually determined by the operating system's limit on file size rather than by an internal MySQL limit. For example, the table size limit in MySQL 3.22 is 4 GB.
The capacity of an Excel file is related to the machine's memory, because the file is held in memory in its entirety. Each workbook is limited to 65536 rows and 256 columns, and at most 255 workbooks can be stored in one Excel sheet. In addition, some Excel versions allow tens of thousands of workbooks: in Excel 2010, for example, a worksheet can have tens of thousands of workbooks, that is, the data of 65536 workbooks can be stored, so the capacity is very large.
S6: Configure the script's daily trigger time and build operation in Jenkins, including the configuration for sending mail. The data arranged in S5 is mailed to the research and development personnel and the project manager at a fixed time every day to remind them to resolve the overdue BUGs.
The mail finally sent to the developers can specifically contain compressed packages with the corresponding table data, such as requirement.rar, defect.rar, task.rar and optimization and improvement.rar. The table in each compressed package may contain the following:
The BUG content of the zhaoxin group with attribute "demand" is shown in Table 1:

| Person responsible | Days overdue | Status | Start time | Planned completion time | Redmine number | Description of the problem |
|---|---|---|---|---|---|---|
| Tangzhongyuan | 31 | In progress | 2019-07-05 | 2019-07-31 | 677415 | Gamma adjustment of LED3 generation LED display screen |

TABLE 1
The BUG content of the zhaoxin group with attribute "Defect" is shown in Table 2:

| Person responsible | Days overdue | Status | Start time | Planned completion time | Redmine number | Description of the problem |
|---|---|---|---|---|---|---|
| Literature-speaking art | 1 | In progress | 2019-07-30 | 2019-08-30 | 678357 | The overall effect of IPC186-FI4N night scene is poor |
| Literature-speaking art | 1 | In progress | 2019-07-30 | 2019-08-30 | 678355 | IPC186-FI4N equipment overall picture brightness is dark |
| Literature-speaking art | 1 | In progress | 2019-07-30 | 2019-08-30 | 678354 | The problem of low definition of IPC186-FI4N equipment |
| Literature-speaking art | 1 | In progress | 2019-07-30 | 2019-08-30 | 678353 | IPC186-FI4N equipment high contrast ratio |
| Mengkun | 1 | New | 2019-08-26 | 2019-08-30 | 679208 | 625-CU failed the signal-to-noise ratio test at D75 |
| Mengkun | 1 | New | 2019-08-26 | 2019-08-30 | 679204 | 625-CU color reduction disqualification under partial illuminant |

TABLE 2
The BUG content of the zhaoxin group with attribute "task" is shown in Table 3:

| Person responsible | Days overdue | Status | Start time | Planned completion time | Redmine number | Description of the problem |
|---|---|---|---|---|---|---|

TABLE 3
The BUG content of the zhaoxin group with the attribute "optimization improvement" is shown in Table 4:

| Person responsible | Days overdue | Status | Start time | Planned completion time | Redmine number | Description of the problem |
|---|---|---|---|---|---|---|
| Zhuang honghai | 1 | New | 2019-07-26 | 2019-08-30 | 678290 | Daily stream code synchronization |
| Tangzhongyuan | 22 | In progress | 2019-06-26 | 2019-08-09 | 677039 | Establishing sensor image contrast evaluation flow |
| Tangzhongyuan | 82 | In progress | 2019-01-07 | 2019-06-10 | 669615 | Third generation transmitter display color gamut adjustment function development |
| Tangzhongyuan | 31 | In progress | 2018-11-19 | 2019-07-31 | 667371 | Black light algorithm pre-research |

TABLE 4
Because there are temporarily no overdue tasks, the excel and html files in the task compressed package (the html file shows the same content as the excel table, in html format) have no content.
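The screening and export steps S4(3) and S5, as an added Python example that is not code from the patent: it drops suspended or abandoned issues, counts overdue days, groups the overdue issues by attribute and renders each group as an html table, escaping every cell because the descriptions are free text typed into Redmine by hand. The field names, the status strings, the sort order and the 2019-08-31 reporting date are assumptions; with that date a calendar-day count reproduces the day counts in Tables 1, 2 and 4, and the last three sample rows are constructed.

```python
from datetime import date
from html import escape

# Column order from step S5 of the description.
HEADERS = ["Person responsible", "Days overdue", "Status", "Start time",
           "Planned completion time", "Redmine number", "Task description"]
# The four attributes that each get their own report file.
ATTRIBUTES = ["requirement", "defect", "task", "optimization improvement"]
# Assumed status strings for the issues that S4(3) filters out.
SKIPPED_STATUSES = {"Suspended", "Abandoned"}
# Assumed reporting date: the tables show 2019-07-31 as 31 days overdue.
REPORT_DATE = date(2019, 8, 31)


def row(owner, status, start, due, number, attribute, description):
    """One parsed issue as the crawler step might return it (assumed keys)."""
    return {"owner": owner, "status": status, "start": start, "due": due,
            "number": number, "attribute": attribute,
            "description": description}


SAMPLE_ROWS = [
    # Rows taken from Tables 1, 2 and 4.
    row("Tangzhongyuan", "In progress", "2019-07-05", "2019-07-31", 677415,
        "requirement", "Gamma adjustment of LED3 generation LED display screen"),
    row("Mengkun", "New", "2019-08-26", "2019-08-30", 679208,
        "defect", "625-CU failed the signal-to-noise ratio test at D75"),
    row("Tangzhongyuan", "In progress", "2019-06-26", "2019-08-09", 677039,
        "optimization improvement",
        "Establishing sensor image contrast evaluation flow"),
    row("Tangzhongyuan", "In progress", "2019-01-07", "2019-06-10", 669615,
        "optimization improvement",
        "Third generation transmitter display color gamut adjustment "
        "function development"),
    # Constructed rows: a suspended issue, one not yet due, one with markup.
    row("Dev A", "Suspended", "2019-07-01", "2019-08-01", 900001,
        "defect", "Constructed: suspended issue"),
    row("Dev B", "In progress", "2019-08-20", "2019-09-15", 900002,
        "task", "Constructed: not yet due"),
    row("Dev C", "New", "2019-08-20", "2019-08-29", 900003,
        "defect", 'Constructed: banner shows <b>raw</b> tags & "quotes"'),
]


def overdue_days(due, today=REPORT_DATE):
    """Calendar days past the planned completion date (<= 0: not overdue)."""
    return (today - date.fromisoformat(due)).days


def screen_overdue(rows, today=REPORT_DATE):
    """Drop suspended/abandoned issues, keep overdue ones, group by attribute."""
    groups = {attribute: [] for attribute in ATTRIBUTES}
    for issue in rows:
        if issue["status"] in SKIPPED_STATUSES:
            continue
        days = overdue_days(issue["due"], today)
        if days <= 0:
            continue
        groups.setdefault(issue["attribute"], []).append({**issue, "days": days})
    for issues in groups.values():
        # Assumed order: by person, newest ticket number first.
        issues.sort(key=lambda r: (r["owner"], -r["number"]))
    return groups


def render_html(attribute, issues):
    """Render one attribute's report; every cell value is HTML-escaped."""
    head = "".join(f"<th>{escape(h)}</th>" for h in HEADERS)
    body = []
    for r in issues:
        cells = [r["owner"], r["days"], r["status"], r["start"], r["due"],
                 r["number"], r["description"]]
        tds = "".join(f"<td>{escape(str(c))}</td>" for c in cells)
        body.append(f"<tr>{tds}</tr>")
    return (f"<h2>{escape(attribute)}</h2>\n<table>\n<tr>{head}</tr>\n"
            + "\n".join(body) + "\n</table>")


if __name__ == "__main__":
    for attribute, issues in screen_overdue(SAMPLE_ROWS).items():
        print(render_html(attribute, issues))
```

The "task" report comes out with a header row only, matching the empty Table 3.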
Example two:
Corresponding to the above method embodiment, an embodiment of the present invention further provides a security vulnerability processing apparatus; the security vulnerability processing apparatus described below and the security vulnerability processing method described above may be cross-referenced.
Referring to fig. 4, the apparatus includes the following modules:
the web page data acquisition module 101 is used for acquiring web page data from a web page project management system by using a web crawler; the web page data comprise irregular project contents manually input by research and development personnel;
the data analysis module 102 is configured to analyze the web page data to obtain the security vulnerability data and the target attribute of the security vulnerability data;
the target file acquisition module 103 is configured to convert the security vulnerability data by using the target attribute to obtain a target file;
and the target file sending module 104 is used for sending the target file to an information display terminal of the research and development personnel so that the research and development personnel can process the security vulnerability.
By applying the apparatus provided by the embodiment of the invention, a web crawler is used to acquire web page data from a web page project management system, the web page data comprising irregular project contents manually input by research and development personnel; the web page data is analyzed to obtain security vulnerability data and the target attribute of the security vulnerability data; the security vulnerability data is converted by using the target attribute to obtain a target file; and the target file is sent to an information display terminal of the research and development personnel so that they can process the security vulnerabilities.
The data acquired in this way includes irregular project content manually input by research and development personnel; because of its irregularity, this content cannot be obtained through the conventional Redmine API. Compared with accessing the Redmine database through the Redmine API (application program interface) to acquire data, the apparatus acquires web page data from the web page project management system through the web crawler, which yields richer data, is safer, and cannot damage the original data. After the web page data is obtained, it is analyzed to obtain the security vulnerability data and the corresponding target attributes, the security vulnerability data is converted by using the target attributes to obtain a target file, and the target file is sent to an information display terminal of the research and development personnel, such as computer equipment or intelligent mobile equipment (such as a smart phone) capable of displaying information, so that the research and development personnel learn of the security vulnerability in time. That is, the apparatus solves the prior-art problems that manual processing of defect data is inefficient and that research and development personnel do not know the state of a BUG, while avoiding damage to the data of the web page project management system.
In a specific embodiment of the present invention, the target file sending module 104 is specifically configured to determine whether the security vulnerability data belongs to an overdue incomplete item; and if so, sending the target file to the information display terminal.
In a specific embodiment of the present invention, the target file obtaining module 103 is specifically configured to convert the security vulnerability data into a target file matched with a target attribute according to a corresponding relationship between the attribute and a file format; wherein the target attribute is any one of defect, requirement, task and optimization.
In a specific embodiment of the present invention, the target file obtaining module 103 is specifically configured to obtain a target item corresponding to the security vulnerability data; judging whether the target item belongs to an overdue unfinished item; if so, converting the security vulnerability data by using the target attribute to obtain a target file.
In a specific embodiment of the present invention, the data analysis module 102 is specifically configured to obtain a developer ID list, analyze and filter the web page data by using the developer ID list, and obtain security vulnerability data having a corresponding relationship with each developer ID and a target attribute of the security vulnerability data.
In a specific embodiment of the present invention, the target file sending module 104 is specifically configured to send the target file by mail to a mail display terminal of the research and development personnel.
In a specific embodiment of the present invention, the target file obtaining module 103 is specifically configured to convert the security vulnerability data into a target file in an Excel format or an html format by using the target attribute.
Example four:
Corresponding to the above method embodiment, an embodiment of the present invention further provides a security vulnerability processing device; the security vulnerability processing device described below and the security vulnerability processing method described above may be cross-referenced.
Referring to fig. 5, the security vulnerability processing apparatus includes:
a memory D1 for storing computer programs;
and the processor D2 is configured to, when executing the computer program, implement the steps of the security vulnerability processing method according to the above method embodiment.
Specifically, referring to fig. 6, fig. 6 is a schematic structural diagram of the security vulnerability processing device provided in this embodiment. The device may differ considerably depending on configuration or performance, and may include one or more central processing units (CPUs) 322 (e.g., one or more processors), a memory 332, and one or more storage media 330 (e.g., one or more mass storage devices) storing an application 342 or data 344. The memory 332 and the storage media 330 may be transient storage or persistent storage. The program stored on the storage medium 330 may include one or more modules (not shown), each of which may include a series of instruction operations on a data processing device. Further, the central processor 322 may be configured to communicate with the storage medium 330 and execute, on the security vulnerability processing device 301, the series of instruction operations in the storage medium 330.
The security vulnerability processing device 301 may also include one or more power sources 326, one or more wired or wireless network interfaces 350, one or more input-output interfaces 358, and/or one or more operating systems 341, such as Windows Server™, Mac OS X™, Unix™, Linux™, FreeBSD™, etc.
The steps in the security vulnerability processing method described above may be implemented by the structure of the security vulnerability processing apparatus.
Example five:
Corresponding to the above method embodiment, an embodiment of the present invention further provides a readable storage medium; the readable storage medium described below and the security vulnerability processing method described above may be cross-referenced.
A readable storage medium, on which a computer program is stored, and when being executed by a processor, the computer program implements the steps of the security vulnerability processing method of the above method embodiment.
The readable storage medium may be a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and various other readable storage media capable of storing program codes.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.

Claims (10)

1. A security vulnerability processing method is characterized by comprising the following steps:
acquiring webpage data from a webpage project management system by using a web crawler; the webpage data comprise irregular project contents manually input by research personnel;
analyzing the webpage data to obtain security vulnerability data and target attributes of the security vulnerability data;
converting the security vulnerability data by using the target attribute to obtain a target file;
and sending the target file to an information display terminal of a research and development staff so that the research and development staff can process the security loophole.
2. The method for processing the security vulnerabilities according to claim 1, wherein sending the target file to an information display terminal of a research and development staff so that the research and development staff can process the security vulnerabilities, includes:
judging whether the security vulnerability data belongs to an overdue unfinished project or not;
and if so, sending the target file to the information display terminal.
3. The method for processing the security vulnerability according to claim 1, wherein transforming the security vulnerability data using the target attribute to obtain a target file comprises:
acquiring a target project corresponding to the security vulnerability data;
judging whether the target project belongs to an overdue unfinished project or not;
if so, converting the security vulnerability data by using the target attribute to obtain the target file.
4. The method for processing the security vulnerability according to claim 1, wherein analyzing the webpage data to obtain the security vulnerability data and the target attribute of the security vulnerability data comprises:
acquiring an ID list of research and development personnel, analyzing and screening the webpage data by using the ID list of the research and development personnel, and acquiring security vulnerability data corresponding to the IDs of the research and development personnel and target attributes of the security vulnerability data.
5. The method for processing the security vulnerability according to claim 1, wherein transforming the security vulnerability data using the target attribute to obtain a target file comprises:
converting the security vulnerability data into the target file matched with the target attribute according to the corresponding relationship between the attribute and the file format; wherein the target attribute is any one of defect, requirement, task and optimization.
6. The method for processing the security vulnerabilities according to claim 1, wherein sending the target file to an information display terminal of a research and development staff so that the research and development staff can process the security vulnerabilities, includes:
and sending the target file mail to a mail display terminal of the research and development personnel.
7. The method according to any one of claims 1 to 6, wherein transforming the security vulnerability data using the target attribute to obtain a target file comprises:
and converting the security vulnerability data into a target file in an Excel format or an html format by using the target attribute.
8. A security hole processing apparatus, comprising:
the webpage data acquisition module is used for acquiring webpage data from the webpage project management system by utilizing a web crawler; the webpage data comprise irregular project contents manually input by research personnel;
the data analysis module is used for analyzing the webpage data to obtain security vulnerability data and target attributes of the security vulnerability data;
the target file acquisition module is used for converting the security vulnerability data by using the target attribute to obtain a target file;
and the target file sending module is used for sending the target file to an information display terminal of a research and development staff so that the research and development staff can process the security loophole conveniently.
9. A security breach processing device, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the security breach processing method according to any of claims 1 to 7 when executing the computer program.
10. A readable storage medium, having stored thereon a computer program which, when executed by a processor, performs the steps of the security breach processing method according to any of claims 1 to 7.
CN201910876477.9A 2019-09-17 2019-09-17 Security vulnerability processing method, device, equipment and readable storage medium Pending CN110727947A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910876477.9A CN110727947A (en) 2019-09-17 2019-09-17 Security vulnerability processing method, device, equipment and readable storage medium

Publications (1)

Publication Number Publication Date
CN110727947A (en) 2020-01-24

Family

ID=69219135

Country Status (1)

Country Link
CN (1) CN110727947A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112560044A (en) * 2020-12-03 2021-03-26 星汉供应链有限公司 Project bug tracking and counting method, system and equipment
CN112650477A (en) * 2020-12-31 2021-04-13 深圳软牛科技有限公司 Project data batch transfer method and device and electronic equipment
CN115599367A (en) * 2022-10-16 2023-01-13 国网吉林省电力有限公司经济技术研究院(Cn) Method for collecting and sorting energy big data and establishing visual platform

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020199122A1 (en) * 2001-06-22 2002-12-26 Davis Lauren B. Computer security vulnerability analysis methodology
CN101452469A (en) * 2008-12-24 2009-06-10 天津大学 Software safety defect library system based on attack mode and management method thereof
CN109274526A (en) * 2018-08-31 2019-01-25 平安科技(深圳)有限公司 Test defect automatic early warning method, device, computer equipment and storage medium
CN109815220A (en) * 2018-12-14 2019-05-28 深圳壹账通智能科技有限公司 A kind of defective data treating method and apparatus

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200124