CN111090862A - Asset portrait method and system based on Internet terminal - Google Patents
Asset portrait method and system based on Internet terminal Download PDFInfo
- Publication number
- CN111090862A CN111090862A CN201911170039.7A CN201911170039A CN111090862A CN 111090862 A CN111090862 A CN 111090862A CN 201911170039 A CN201911170039 A CN 201911170039A CN 111090862 A CN111090862 A CN 111090862A
- Authority
- CN
- China
- Prior art keywords
- asset
- score
- information
- index
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides an asset portrayal method and system based on an internet terminal, which are applied to a server and comprise the following steps: acquiring asset description information of a target network asset, wherein the asset description information comprises at least one of the following: alarm information, access information, time information, attack information, vulnerability information and baseline inspection result information; calculating the index score of the asset description information to obtain a target index score; the target index score is used for determining the safety degree of the target network asset; and determining the safety score of the target network asset according to the target index score so as to determine the safety degree of the target network asset according to the safety score. The invention solves the technical problems that the prior art can not visually and comprehensively know the current situation of the assets, can not carry out data association and can not carry out security assessment from the whole.
Description
Technical Field
The invention relates to the technical field of network security, in particular to an asset portrait method and an asset portrait system based on an internet terminal.
Background
With the development of society, the internet + is an irreversible trend, various industries are changed in the form of the internet +, assets deployed on the internet are increased, at the present stage, the internet security situation in China is severe and complex, the assets deployed on the internet are gradually key attack objects of hackers, and how to strengthen the management of the internet assets and grasp the veins becomes important for enterprises.
In the past, internet asset monitoring and analysis are all based on various analysis tools, and common tools include: apt, soc, vulnerability scanning tool, etc., the main features are as follows:
1. the emphasis of various products and tools is different, the monitoring results are generally stored in respective systems, and the current situation of the assets cannot be intuitively and comprehensively known.
2. Since the monitoring results are stored in respective systems, data association cannot be performed.
3. Security assessment cannot be made from the whole.
Disclosure of Invention
In view of the above, the present invention provides an asset profiling method and system based on the internet, so as to solve the technical problems in the prior art that the current status of an asset cannot be intuitively and comprehensively known, data association cannot be performed, and security assessment cannot be performed from the whole.
In a first aspect, an embodiment of the present invention provides an asset portrayal method based on an internet, which is applied to a server, and includes: acquiring asset description information of a target network asset, wherein the asset description information comprises at least one of the following: alarm information, access information, time information, attack information, vulnerability information and baseline inspection result information; calculating the index score of the asset description information to obtain a target index score; the target index score is used to determine a security level of the target network asset; determining a security score for the target network asset based on the target index score to determine a security level for the target network asset based on the security score.
Further, the asset description information comprises a plurality of sub-description information; calculating the index score of the asset description information, and obtaining a target index score comprises the following steps: and calculating the index score of each piece of sub-description information in the asset description information to obtain a plurality of target index scores.
Further, the target metric score includes at least one of: alarm index scoring, access index scoring, time index scoring, attack index scoring, vulnerability index scoring, and baseline inspection result index scoring.
Further, calculating an index score of the asset description information to obtain a target index score, including: acquiring a weight value corresponding to the asset description information; calculating the target indicator score based on the asset description information and the weight value.
Further, determining a security score for the target network asset from the target index score comprises: if the target index scores are multiple, summing the multiple target index scores, and determining a summing calculation result as the safety score; and if the target index score is one, determining the target index score as the safety score.
Further, the method further comprises: and storing the asset description information into an asset security information base.
In a second aspect, an embodiment of the present invention further provides an asset representation system based on an internet, which is applied to a server, and includes: the system comprises an acquisition module, a calculation module and a scoring module, wherein the acquisition module is used for acquiring asset description information of a target network asset, and the asset description information comprises at least one of the following: alarm information, access information, time information, attack information, vulnerability information and baseline inspection result information; the computing module is used for computing the index score of the asset description information to obtain a target index score; the target index score is used to determine a security level of the target network asset; the scoring module is used for determining the security score of the target network asset according to the target index score so as to determine the security degree of the target network asset according to the security score.
Further, the system further comprises: and the storage module is used for storing the asset description information into an asset security information base.
In a third aspect, an embodiment of the present invention further provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the method according to the first aspect when executing the computer program.
In a fourth aspect, the present invention further provides a computer-readable medium having non-volatile program code executable by a processor, where the program code causes the processor to execute the method according to the first aspect.
According to the embodiment of the invention, the asset information is displayed by the asset portrait in a multi-dimension and fine-grained mode, and the asset information and the safety information of the internet assets are combined, so that the technical effect of mastering the asset condition from the whole situation can be achieved clearly.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a flowchart of an Internet-based asset profiling method according to an embodiment of the present invention;
FIG. 2 is a flowchart of another method for rendering an asset on the Internet according to an embodiment of the present invention;
FIG. 3 is a flow chart of creating a basic asset information base according to an embodiment of the present invention;
FIG. 4 is a flow chart of establishing an asset security information base according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of an overall scenario of an asset portrayal method based on the Internet according to an embodiment of the present invention;
FIG. 6 is a diagram of an Internet-based asset representation system according to an embodiment of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it should be understood that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The first embodiment is as follows:
fig. 1 is a flowchart of an internet-based asset profiling method applied to a server according to an embodiment of the present invention. As shown in fig. 1, the method specifically includes the following steps:
step S102, acquiring asset description information of the target network asset, wherein the asset description information comprises at least one of the following: alarm information, access information, time information, attack information, vulnerability information, and baseline inspection result information, the target network assets including: .
Step S104, calculating the index score of the asset description information to obtain a target index score; the target index score is used to determine a security level of the target network asset.
Optionally, the asset description information includes a plurality of sub-description information.
In the embodiment of the invention, a plurality of target index scores can be obtained by calculating the index score of each piece of sub-description information in the asset description information.
The target indicator score comprises at least one of: alarm index scoring, access index scoring, time index scoring, attack index scoring, vulnerability index scoring, and baseline inspection result index scoring.
And S106, determining the security score of the target network asset according to the target index score so as to determine the security degree of the target network asset according to the security score.
The asset portrayal method based on the Internet terminal provided by the embodiment of the invention portrays the assets as the center, realizes the comprehensive understanding and management of the assets, evaluates the usability condition and the safety condition of the assets, combines the asset information and the safety information of the Internet assets, and can achieve the technical effect of clearly mastering the asset condition from the whole situation and the whole situation.
Optionally, step S104 further includes the steps of:
step S1041, obtaining a weight value corresponding to the asset description information;
step S1042, calculating a target index score based on the asset description information and the weight value.
For example, if the index a is asset description information, then by the formula: and (3) calculating the target index score of the asset description information, wherein the target index score of the index A is the weighted value x (the index A takes a value of 1 when meeting the standard, and takes a value of 0 when not meeting the standard) x 100.
Optionally, step S106 includes the following steps:
and if the target index scores are multiple, summing the multiple target index scores, and determining the sum calculation result as the safety score. For example, the target index scores are respectively: and scoring the index A, scoring the index B and scoring the index C by … … index N, wherein the safety score is the score of the index A, the score of the index B, the score of the index C, the score of the index … … and the score of the index N.
And if the target index score is one, determining the target index score as a safety score.
Optionally, the method provided in the embodiment of the present invention further includes: and storing the asset description information into an asset security information base.
As can be seen from the above description, an embodiment of the present invention provides an asset portrayal method based on an internet, including: acquiring asset description information of a target network asset, wherein the asset description information comprises at least one of the following: alarm information, access information, time information, attack information, vulnerability information and baseline inspection result information; calculating the index score of the asset description information to obtain a target index score; the target index score is used for determining the safety degree of the target network asset; and determining the safety score of the target network asset according to the target index score so as to determine the safety degree of the target network asset according to the safety score. The invention solves the technical problems that the prior art can not visually and comprehensively know the current situation of the assets, can not carry out data association and can not carry out security assessment from the whole. The method provided by the invention can display the asset information of the asset portrait in a multi-dimension and fine-grained mode, and also can intuitively and clearly master the asset condition from the whole in a graphical mode and other modes.
Example two:
fig. 2 is a flowchart of another method for rendering an asset on the internet according to an embodiment of the present invention, as shown in fig. 2, the method specifically includes the following steps:
step S201, an asset basic information base is created.
Specifically, as shown in fig. 3, the asset basic information of the enterprise is collected and put in storage by calling an asset detection tool:
(1) calling an asset detection tool interface, and issuing an asset detection task;
(2) calling an asset detection tool interface, acquiring an asset detection task result and putting the asset detection task result into an asset basic information base; specifically, a probing task is performed on the enterprise server, and then a probing result is generated.
Step S202, an asset security archive is established.
Specifically, as shown in fig. 4, the security information of the asset (i.e., the enterprise server) is collected, analyzed, and recorded at different levels through a log analysis tool, a traffic analysis tool, a missing scan tool, and other tools; the association is made centered on the asset to form a security archive of the asset.
(1) Aiming at the asset information collected in the step S201, calling a log analysis tool interface, inquiring and calling an analysis result of the asset syslog, and storing results such as alarm information, access information and the like into a security archive information base;
(2) and (4) calling an interface of a flow analysis tool aiming at the asset information collected in the step (S201), inquiring and calling an analysis result, and storing the results of event information, attack information, access information and the like into a security archive information base.
(3) And calling a vulnerability scanning tool interface to scan the assets collected in the step S201, and storing the scanned vulnerability information, baseline inspection and other result information into a security archive information base.
Step S203: and (4) scoring the assets.
The asset score is a comprehensive score and is calculated by using a plurality of scoring indexes such as a use condition index, a vulnerability index, an alarm index, an event index and the like, and the proportion weight of each index in the whole index can be set or can be closed; the score is a percentile system, if the index item is met, the score is added, and if the index item is not met, the score is zero.
The total score of the assets is equal to the sum of the scores of all the indexes; and each index score is obtained by multiplying the weight ratio by whether the index reaches the standard (1|0) and then multiplying by 100. If the weight ratio is 0, the index is not counted; the scoring formula is as follows:
total score is index a score + index B score + index C score + … + index N score;
index a is given as weight a of 1 when the index a meets the standard and 0 when the index a does not meet the standard, x 100;
the total weight proportion is the proportion of the weight A to the weight B to the weight C to the weight … to the weight N; and 0% < weight total > 100%.
For example:
index A: the service condition indexes require that the asset server hard disk utilization rate is between 15% and 80%, and the weight accounts for 5%;
index A meets the standard: index a score AS ═ (5% × 1 × 100) ═ 5;
index a does not meet the standard: index a score AS ═ (5% × 0 × 100) ═ 0;
index B: using a vulnerability index which requires the number of vulnerabilities of the asset server, wherein the high-risk vulnerability is between 0 and 3, the medium-risk vulnerability is between 0 and 30, the low-risk vulnerability is between 0 and 100, and the weight accounts for 30%;
index B meets the standard: the index B score BS is (30% × 1 × 100) ═ 30;
index B does not reach the standard: the index B score BS is (30% × 0 × 100) ═ 0;
index C: using an alarm index, wherein the index requires the number of alarms of the asset server, the high-risk alarms are between 0 and 3, the medium-risk alarms are between 0 and 30, the low-risk alarms are between 0 and 100, and the weight ratio is 0;
index C meets the standard: the index C score CS ═ (0 × 1 × 100) ═ 0;
index C does not reach the standard: the index C score CS ═ (0 × 100) ═ 0;
total score ═ (AS + BS + CS + … + NS).
Step S204: an asset representation is presented.
Based on the steps S201, S202 and S203, basic information, safety information and asset score of the Internet assets can be mastered; on the basis, the assets can be displayed in a multi-angle, multi-layer and multi-vision mode, and therefore the asset portrait is formed.
FIG. 5 is a schematic diagram of an overall scheme of an Internet-based asset profiling method according to an embodiment of the present invention.
Specifically, as shown in fig. 5, the asset basic information base is used to store basic information of an asset, such as: asset name, zone, ip, port opened, etc.
The asset security archive is used for storing detection and analysis results of various tools, such as: asset vulnerabilities, alarm information, event information, access information, traffic information, and the like.
And the basic information is used for showing the basic information base.
The safety information is used for displaying the safety archive information.
And the asset score is used for scoring the assets according to the safety profile, wherein the higher the safety is, and the lower the safety is.
Example three:
FIG. 6 is a diagram of an Internet-based asset representation system applied to a server according to an embodiment of the present invention. As shown in fig. 6, the system specifically includes: an acquisition module 10, a calculation module 20 and a scoring module 30.
Specifically, the obtaining module 10 is configured to obtain asset description information of the target network asset, where the asset description information includes at least one of: alarm information, access information, time information, attack information, vulnerability information, and baseline inspection result information.
The computing module 20 is configured to compute an index score of the asset description information to obtain a target index score; the target index score is used to determine a security level of the target network asset.
Optionally, the asset description information includes a plurality of sub-description information.
In the embodiment of the invention, a plurality of target index scores can be obtained by calculating the index score of each piece of sub-description information in the asset description information.
The target indicator score comprises at least one of: alarm index scoring, access index scoring, time index scoring, attack index scoring, vulnerability index scoring, and baseline inspection result index scoring.
And the scoring module 30 is used for determining the security score of the target network asset according to the target index score so as to determine the security degree of the target network asset according to the security score.
The embodiment of the invention provides an asset representation system based on an Internet terminal, which is characterized in that asset description information of a target network asset is obtained through an obtaining module; calculating the index score of the asset description information through a calculation module to obtain a target index score; and finally, determining the security score of the target network asset according to the target index score through a scoring module so as to determine the security degree of the target network asset according to the security score. The embodiment of the invention takes the assets as the center to portray, realizes the comprehensive understanding and management of the assets, evaluates the availability condition and the safety condition of the assets, combines the asset information and the safety information of the internet assets and can achieve the technical effect of clearly mastering the asset condition from the whole situation.
Optionally, as shown in fig. 6, the system further includes: and the storage module 40 is used for storing the asset description information into the asset security information base.
The embodiment of the present invention further provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and capable of running on the processor, and when the processor executes the computer program, the steps of the method in the first embodiment are implemented.
The embodiment of the invention also provides a computer readable medium with a non-volatile program code executable by a processor, wherein the program code causes the processor to execute the method in the first embodiment.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (10)
1. An asset image method based on an internet terminal is characterized by being applied to a server and comprising the following steps:
acquiring asset description information of a target network asset, wherein the asset description information comprises at least one of the following: alarm information, access information, time information, attack information, vulnerability information and baseline inspection result information;
calculating the index score of the asset description information to obtain a target index score; the target index score is used to determine a security level of the target network asset;
determining a security score for the target network asset based on the target index score to determine a security level for the target network asset based on the security score.
2. The method according to claim 1, wherein the asset description information comprises a plurality of sub-description information;
calculating the index score of the asset description information, and obtaining a target index score comprises the following steps:
and calculating the index score of each piece of sub-description information in the asset description information to obtain a plurality of target index scores.
3. The method of claim 1 or 2, wherein the target metric score comprises at least one of: alarm index scoring, access index scoring, time index scoring, attack index scoring, vulnerability index scoring, and baseline inspection result index scoring.
4. The method of claim 1, wherein calculating an index score for the asset description information to obtain a target index score comprises:
acquiring a weight value corresponding to the asset description information;
calculating the target indicator score based on the asset description information and the weight value.
5. The method of claim 1, wherein determining a security score for the target network asset from the target metric score comprises:
if the target index scores are multiple, summing the multiple target index scores, and determining a summing calculation result as the safety score;
and if the target index score is one, determining the target index score as the safety score.
6. The method of claim 1, further comprising:
and storing the asset description information into an asset security information base.
7. An asset representation system based on internet terminal, applied to a server, includes: an acquisition module, a calculation module and a scoring module, wherein,
the acquisition module is used for acquiring asset description information of a target network asset, and the asset description information comprises at least one of the following: alarm information, access information, time information, attack information, vulnerability information and baseline inspection result information;
the computing module is used for computing the index score of the asset description information to obtain a target index score; the target index score is used to determine a security level of the target network asset;
the scoring module is used for determining the security score of the target network asset according to the target index score so as to determine the security degree of the target network asset according to the security score.
8. The system of claim 7, further comprising: and the storage module is used for storing the asset description information into an asset security information base.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the steps of the method of any of the preceding claims 1 to 6 are implemented when the computer program is executed by the processor.
10. A computer-readable medium having non-volatile program code executable by a processor, wherein the program code causes the processor to perform the method of any of claims 1-6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911170039.7A CN111090862A (en) | 2019-11-25 | 2019-11-25 | Asset portrait method and system based on Internet terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911170039.7A CN111090862A (en) | 2019-11-25 | 2019-11-25 | Asset portrait method and system based on Internet terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111090862A true CN111090862A (en) | 2020-05-01 |
Family
ID=70393793
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911170039.7A Pending CN111090862A (en) | 2019-11-25 | 2019-11-25 | Asset portrait method and system based on Internet terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111090862A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111865981A (en) * | 2020-07-20 | 2020-10-30 | 交通运输信息安全中心有限公司 | Network security vulnerability assessment system and method |
CN112581042A (en) * | 2021-02-24 | 2021-03-30 | 广州互联网法院 | Performance capability evaluation system and method and electronic equipment |
CN112784281A (en) * | 2021-01-21 | 2021-05-11 | 恒安嘉新(北京)科技股份公司 | Safety assessment method, device, equipment and storage medium for industrial internet |
CN113037766A (en) * | 2021-03-23 | 2021-06-25 | 中通服创发科技有限责任公司 | Comprehensive evaluation method for asset safety and health degree under multiple scenes |
CN113489749A (en) * | 2021-09-03 | 2021-10-08 | 北京华云安信息技术有限公司 | Method, device and equipment for generating network asset security portrait and storage medium |
CN116366316A (en) * | 2023-03-16 | 2023-06-30 | 中国华能集团有限公司北京招标分公司 | Network space mapping method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107204876A (en) * | 2017-05-22 | 2017-09-26 | 成都网络空间安全技术有限公司 | A kind of network security risk evaluation method |
CN108737425A (en) * | 2018-05-24 | 2018-11-02 | 北京凌云信安科技有限公司 | Fragility based on multi engine vulnerability scanning association analysis manages system |
CN109376537A (en) * | 2018-11-06 | 2019-02-22 | 杭州安恒信息技术股份有限公司 | A kind of assets methods of marking and system based on multiple-factor fusion |
CN109948343A (en) * | 2019-03-13 | 2019-06-28 | 杭州数梦工场科技有限公司 | Leak detection method, Hole Detection device and computer readable storage medium |
-
2019
- 2019-11-25 CN CN201911170039.7A patent/CN111090862A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107204876A (en) * | 2017-05-22 | 2017-09-26 | 成都网络空间安全技术有限公司 | A kind of network security risk evaluation method |
CN108737425A (en) * | 2018-05-24 | 2018-11-02 | 北京凌云信安科技有限公司 | Fragility based on multi engine vulnerability scanning association analysis manages system |
CN109376537A (en) * | 2018-11-06 | 2019-02-22 | 杭州安恒信息技术股份有限公司 | A kind of assets methods of marking and system based on multiple-factor fusion |
CN109948343A (en) * | 2019-03-13 | 2019-06-28 | 杭州数梦工场科技有限公司 | Leak detection method, Hole Detection device and computer readable storage medium |
Non-Patent Citations (2)
Title |
---|
中国地质环境监测院编著: "《地质灾害防治信息化建设理论与技术方法》", 30 June 2016, 地质出版社 * |
仇建平: "《信息安全技术》", 31 August 2017, 上海交通大学出版社 * |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111865981A (en) * | 2020-07-20 | 2020-10-30 | 交通运输信息安全中心有限公司 | Network security vulnerability assessment system and method |
CN111865981B (en) * | 2020-07-20 | 2021-05-07 | 交通运输信息安全中心有限公司 | Network security vulnerability assessment system and method |
CN112784281A (en) * | 2021-01-21 | 2021-05-11 | 恒安嘉新(北京)科技股份公司 | Safety assessment method, device, equipment and storage medium for industrial internet |
CN112581042A (en) * | 2021-02-24 | 2021-03-30 | 广州互联网法院 | Performance capability evaluation system and method and electronic equipment |
CN112581042B (en) * | 2021-02-24 | 2021-06-18 | 广州互联网法院 | Performance capability evaluation system and method and electronic equipment |
CN113037766A (en) * | 2021-03-23 | 2021-06-25 | 中通服创发科技有限责任公司 | Comprehensive evaluation method for asset safety and health degree under multiple scenes |
CN113489749A (en) * | 2021-09-03 | 2021-10-08 | 北京华云安信息技术有限公司 | Method, device and equipment for generating network asset security portrait and storage medium |
CN116366316A (en) * | 2023-03-16 | 2023-06-30 | 中国华能集团有限公司北京招标分公司 | Network space mapping method |
CN116366316B (en) * | 2023-03-16 | 2024-02-27 | 中国华能集团有限公司北京招标分公司 | Network space mapping method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111090862A (en) | Asset portrait method and system based on Internet terminal | |
US10404737B1 (en) | Method for the continuous calculation of a cyber security risk index | |
TWI595375B (en) | Anomaly detection using adaptive behavioral profiles | |
US8412712B2 (en) | Grouping methods for best-value determination from values for an attribute type of specific entity | |
US8615516B2 (en) | Grouping similar values for a specific attribute type of an entity to determine relevance and best values | |
US9129132B2 (en) | Reporting and management of computer systems and data sources | |
TW201629830A (en) | Risk scoring for threat assessment | |
Schauer et al. | MITIGATE: a dynamic supply chain cyber risk assessment methodology | |
CN115643107B (en) | Network security risk assessment method, device, computer equipment and storage medium | |
US11507674B2 (en) | Quantifying privacy impact | |
CN110620696A (en) | Grading method and device for enterprise network security situation awareness | |
US9015792B2 (en) | Reporting and management of computer systems and data sources | |
US20180083999A1 (en) | Self-published security risk management | |
CN113468542A (en) | Exposed surface asset risk assessment method, device, equipment and medium | |
Baikloy et al. | Development of Cyber Resilient Capability Maturity Model for Cloud Computing Services. | |
CN113672939A (en) | Method, device, equipment and medium for analyzing terminal behavior alarm traceability | |
US20130317888A1 (en) | Reporting and Management of Computer Systems and Data Sources | |
CN116433076A (en) | Automatic calculation method, device, equipment and medium for internal control evaluation | |
US10614225B2 (en) | System and method for tracing data access and detecting abnormality in the same | |
CN114154166A (en) | Abnormal data identification method, device, equipment and storage medium | |
CN113778806A (en) | Method, device, equipment and storage medium for processing safety alarm event | |
KR100524649B1 (en) | Risk analysis system for information assets | |
CN112637215A (en) | Network security detection method and device, electronic equipment and readable storage medium | |
Alharbi | A qualitative study on security operations centers in saudi arabia: challenges and research directions | |
Meland et al. | When to treat security risks with cyber insurance |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200501 |
|
RJ01 | Rejection of invention patent application after publication |