CN112671609A - Asset census and safety detection method and device and terminal equipment - Google Patents
Asset census and safety detection method and device and terminal equipment Download PDFInfo
- Publication number
- CN112671609A CN112671609A CN202011517373.8A CN202011517373A CN112671609A CN 112671609 A CN112671609 A CN 112671609A CN 202011517373 A CN202011517373 A CN 202011517373A CN 112671609 A CN112671609 A CN 112671609A
- Authority
- CN
- China
- Prior art keywords
- asset
- vulnerability
- internet
- census
- detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The application is suitable for the technical field of industrial control internet security, and provides an asset census and security detection method, an asset census and security detection device and terminal equipment, wherein the method comprises the following steps: detecting the internet assets in the target industrial control system, generating an internet asset list according to the detection result, detecting the vulnerability of each internet asset in the internet asset list, obtaining the detected vulnerability, verifying the vulnerability, determining the vulnerability to be repaired, generating a vulnerability detection report, and generating and displaying an asset census report according to the internet asset list and the vulnerability detection report. The method has the advantages that the internet assets in the target industrial control system are detected, vulnerability detection is carried out on each internet asset, vulnerabilities to be repaired are determined through verification, asset census reports are generated, asset management efficiency is improved, vulnerabilities existing in the internet assets in the industrial control system can be found in time, asset safety is confirmed, safety detection efficiency is improved, and risks of information leakage are reduced.
Description
Technical Field
The application belongs to the technical field of industrial control internet security, and particularly relates to an asset census and security detection method, an asset census and security detection device, terminal equipment and a readable storage medium.
Background
Nowadays, all trades all adopt the equipment of networking to official working for official working is more high-efficient and more convenient. Meanwhile, certain information security problems are brought.
However, the existing asset management methods for industrial enterprises all have the problems of low safety detection efficiency, low accuracy of detection results and the like, and cause certain risks to the assets of the industrial enterprises.
Disclosure of Invention
The embodiment of the application provides an asset census and security detection method, an asset census and security detection device, terminal equipment and a readable storage medium, and can solve the problems of low security detection efficiency and low detection result accuracy of the existing asset management method.
In a first aspect, an embodiment of the present application provides an asset census and security detection method, including:
detecting the internet assets in the target industrial control system, and generating an internet asset list according to the detection result;
detecting the vulnerability of each internet asset in the internet asset list to obtain the detected vulnerability;
verifying the vulnerability, determining the vulnerability to be repaired, and generating a vulnerability detection report;
and generating and displaying an asset census report according to the internet asset list and the vulnerability detection report.
In an embodiment, after verifying the vulnerability, determining the vulnerability to be repaired, and generating a vulnerability detection report, the method further includes:
and determining a repairing method corresponding to each bug according to a preset resource library.
In one embodiment, the generating and displaying an asset census report according to the internet asset list and the vulnerability detection report includes:
and generating and displaying the asset census report according to the internet asset list, the vulnerability detection report and the repair method corresponding to each vulnerability.
In one embodiment, after generating and displaying an asset census report according to the internet asset list and the vulnerability detection report, the method further includes:
acquiring a bug fixing instruction, and acquiring a corresponding fixing patch in a pre-stored resource library according to the fixing method;
and repairing the corresponding vulnerability according to the repair patch.
In one embodiment, after generating and displaying an asset census report according to the internet asset list and the vulnerability detection report, the method further includes:
when an operation instruction is received, analyzing the operation instruction;
and executing corresponding operation on the Internet asset list according to the operation instruction.
In a second aspect, an embodiment of the present application provides an asset census and security detection apparatus, including:
the asset detection module is used for detecting the Internet assets in the target industrial control system and generating an Internet asset list according to the detection result;
the vulnerability detection module is used for carrying out vulnerability detection on each Internet asset in the Internet asset list to obtain a detected vulnerability;
the verification module is used for verifying the vulnerability, determining the vulnerability to be repaired and generating a vulnerability detection report;
and the generating module is used for generating and displaying an asset census report according to the Internet asset list and the vulnerability detection report.
In one embodiment, the apparatus further comprises:
and the determining module is used for determining the repairing method corresponding to each bug according to the preset resource library.
In one embodiment, the generating module includes:
and the generation unit is used for generating and displaying the asset census report according to the internet asset list, the vulnerability detection report and the repair method corresponding to each vulnerability.
In one embodiment, the apparatus further comprises:
the acquisition module is used for acquiring a bug fixing instruction and acquiring a corresponding fixing patch in a pre-stored resource library according to the fixing method;
and the repairing module is used for repairing the corresponding bug according to the repairing patch.
In one embodiment, the apparatus further comprises:
the analysis module is used for analyzing the operation instruction when the operation instruction is received;
and the execution module is used for executing corresponding operation on the Internet asset list according to the operation instruction.
In a third aspect, an embodiment of the present application provides a terminal device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor, when executing the computer program, implements the asset census and security detection method as described in any one of the first aspects.
In a fourth aspect, the present application provides a computer-readable storage medium, where a computer program is stored, and when executed by a processor, the method for asset census and security detection as described in any one of the first aspect above is implemented.
In a fifth aspect, an embodiment of the present application provides a computer program product, which, when running on a terminal device, causes the terminal device to execute the asset census and security detection method described in any one of the above first aspects.
The method has the advantages that the internet assets in the target industrial control system are detected, vulnerability detection is carried out on each internet asset, vulnerabilities to be repaired are determined through verification, asset census reports are generated, asset management efficiency is improved, vulnerabilities existing in the internet assets in the industrial control system can be found in time, asset safety is confirmed, safety detection efficiency is improved, and risks of information leakage are reduced.
It is understood that the beneficial effects of the second aspect to the fifth aspect can be referred to the related description of the first aspect, and are not described herein again.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1 is a schematic flow chart diagram of an asset census and security detection method provided by an embodiment of the present application;
FIG. 2 is another schematic flow chart diagram of an asset census and security detection method provided by an embodiment of the present application;
FIG. 3 is another schematic flow chart diagram of an asset census and security detection method provided by an embodiment of the present application;
FIG. 4 is a schematic structural diagram of an asset census and security detection apparatus provided in an embodiment of the present application;
fig. 5 is a schematic structural diagram of a terminal device according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to" determining "or" in response to detecting ". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
Furthermore, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used for distinguishing between descriptions and not necessarily for describing or implying relative importance.
Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.
The asset census and security detection method provided by the embodiment of the application can be applied to terminal equipment such as mobile phones, tablet computers and notebook computers, and the embodiment of the application does not limit the specific types of the terminal equipment.
Fig. 1 shows a schematic flow chart of an asset census and security detection method provided by the present application, which may be applied to the above-mentioned notebook computer by way of example and not limitation.
S101, detecting the Internet assets in the target industrial control system, and generating an Internet asset list according to a detection result.
In specific application, all internet assets in an industrial control network corresponding to a target industrial control system are detected and obtained, and a corresponding internet asset list is generated. The internet assets refer to more than two industrial control devices in the industrial control system. The detection method can be specifically set according to the requirements of the user, and comprises the steps of setting a detection period, detecting a white list, detecting a detection mode and the like. For example, the detection mode can be set to determine all internet assets in the industrial control network through the IP of the internet assets, the types of the internet assets, the asset types of the internet assets and the manufacturer information detection of the internet assets.
In specific application, the internet asset list is used for displaying attribute information of internet assets, newly-added types of the internet assets and newly-added quantity corresponding to each type; the attribute information of the internet assets may include, but is not limited to, an IP of each internet asset, a number of open ports of the internet asset, a tag of the internet asset, a mac address of the internet asset, a vendor to which the internet asset belongs, and an area in which the internet asset is located. In order to improve the visualization of the Internet asset list, the display mode of the corresponding Internet asset list can be set according to the requirements of a user; for example, it may be set to display online/offline internet assets through different colors; correspondingly displaying the internet assets of different manufacturers through different colors; and arranging and displaying the IP of the Internet assets in a positive order or a reverse order.
S102, detecting the vulnerability of each internet asset in the internet asset list to obtain the detected vulnerability.
In a specific application, targeted vulnerability detection is performed on each internet asset in the detected internet asset list, and vulnerabilities existing in each internet asset are determined. And determining the type of the vulnerability to be repaired, wherein the detected vulnerability carries the attribute information of the vulnerability. The attribute information includes, but is not limited to, an internet asset IP corresponding to the vulnerability, a vulnerability number, a vulnerability name, detected time, vulnerability functional description information, a vulnerability type, and a vulnerability class.
S103, verifying the vulnerability, determining the vulnerability to be repaired, and generating a vulnerability detection report.
In specific application, in order to improve the precision of detection and analysis, a vulnerability needs to be verified through a preset verification method after the vulnerability is detected, the vulnerability is determined to be a vulnerability to be repaired, and a corresponding vulnerability detection report is generated according to the attribute information of the vulnerability. The predetermined verification method includes, but is not limited to, a Proof of view detection method (POC) or an Exploit detection method (expoit, EXP).
And S104, generating and displaying an asset census report according to the Internet asset list and the vulnerability detection report.
In specific application, an asset census report is generated and displayed according to the Internet asset list and the vulnerability detection report. The asset census report includes, but is not limited to, attribute information of each internet asset, attribute information of a vulnerability corresponding to each internet asset, a vulnerability new type and a corresponding new number, and an internet asset new type and a corresponding new number.
In one embodiment, after step S103, the method further includes:
and determining a repairing method corresponding to each bug according to a preset resource library.
In specific application, the repairing method corresponding to each bug is stored in a preset resource library in advance so as to improve the safety of the industrial control system.
In one embodiment, the step S104 includes:
and generating and displaying the asset census report according to the internet asset list, the vulnerability detection report and the repair method corresponding to each vulnerability.
In specific application, a repairing method corresponding to each currently detected vulnerability is determined according to the vulnerability detection report, and a corresponding asset census report is generated and displayed according to the Internet asset list, the vulnerability detection report and the repairing method corresponding to each vulnerability. It can be understood that the asset census report includes attribute information of each internet asset, attribute information of a vulnerability corresponding to each internet asset, a repairing method corresponding to each vulnerability, a vulnerability new type and a corresponding new number, and an internet asset new type and a corresponding new number.
As shown in fig. 2, in an embodiment, after the step S104, the method further includes:
s105, acquiring a bug fixing instruction, and acquiring a corresponding fixing patch in a pre-stored resource library according to the fixing method;
and S106, repairing the corresponding bug according to the repair patch.
In specific application, a repairing method corresponding to each bug is stored in a preset resource library in advance, and a corresponding repairing patch is determined and obtained according to the repairing method and stored in the preset resource library. After the vulnerability detection operation is completed, when a vulnerability repairing instruction sent by a user is received, a corresponding repairing patch is obtained from a pre-stored resource library according to a repairing method, and the corresponding vulnerability is repaired according to the repairing patch.
As shown in fig. 3, in an embodiment, after the step S104, the method further includes:
s107, when receiving the operation instruction, analyzing the operation instruction;
and S108, executing corresponding operation on the Internet asset list according to the operation instruction.
In specific application, when an operation instruction based on the internet assets is received, the operation instruction is analyzed, and corresponding operation is executed on the internet asset list according to the operation instruction. The operation instructions include, but are not limited to, an add instruction, a delete instruction, a modify instruction, and a query instruction.
The method has the advantages that the internet assets in the target industrial control system are detected, vulnerability detection is carried out on each internet asset, vulnerabilities to be repaired are determined through verification, asset census reports are generated, asset management efficiency is improved, vulnerabilities existing in the internet assets in the industrial control system can be found in time, asset safety is confirmed, safety detection efficiency is improved, and risks of information leakage are reduced.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
Corresponding to the asset census and security detection method described in the above embodiments, fig. 4 shows a structural block diagram of an asset census and security detection apparatus provided in the embodiments of the present application, and for convenience of description, only the parts related to the embodiments of the present application are shown.
Referring to fig. 4, the asset census and security detection apparatus 100 includes:
the asset detection module 101 is used for detecting the internet assets in the target industrial control system and generating an internet asset list according to the detection result;
the vulnerability detection module 102 is configured to perform vulnerability detection on each internet asset in the internet asset list to obtain a detected vulnerability;
the verification module 103 is used for verifying the vulnerability, determining the vulnerability to be repaired and generating a vulnerability detection report;
and the generating module 104 is used for generating and displaying an asset census report according to the internet asset list and the vulnerability detection report.
In one embodiment, the apparatus 100 further comprises:
and the determining module is used for determining the repairing method corresponding to each bug according to the preset resource library.
In one embodiment, the generating module 104 includes:
and the generation unit is used for generating and displaying the asset census report according to the internet asset list, the vulnerability detection report and the repair method corresponding to each vulnerability.
In one embodiment, the apparatus 100 further comprises:
the acquisition module is used for acquiring a bug fixing instruction and acquiring a corresponding fixing patch in a pre-stored resource library according to the fixing method;
and the repairing module is used for repairing the corresponding bug according to the repairing patch.
In one embodiment, the apparatus 100 further comprises:
the analysis module is used for analyzing the operation instruction when the operation instruction is received;
and the execution module is used for executing corresponding operation on the Internet asset list according to the operation instruction.
The method has the advantages that the internet assets in the target industrial control system are detected, vulnerability detection is carried out on each internet asset, vulnerabilities to be repaired are determined through verification, asset census reports are generated, asset management efficiency is improved, vulnerabilities existing in the internet assets in the industrial control system can be found in time, asset safety is confirmed, safety detection efficiency is improved, and risks of information leakage are reduced.
It should be noted that, for the information interaction, execution process, and other contents between the above-mentioned devices/units, the specific functions and technical effects thereof are based on the same concept as those of the embodiment of the method of the present application, and specific reference may be made to the part of the embodiment of the method, which is not described herein again.
Fig. 5 is a schematic structural diagram of a terminal device according to an embodiment of the present application. As shown in fig. 5, the terminal device 5 of this embodiment includes: at least one processor 50 (only one shown in fig. 5), a memory 51, and a computer program 52 stored in the memory 51 and operable on the at least one processor 50, the processor 50 implementing the steps in any of the various asset census and security detection method embodiments described above when executing the computer program 52.
The terminal device 5 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices. The terminal device may include, but is not limited to, a processor 50, a memory 51. Those skilled in the art will appreciate that fig. 5 is only an example of the terminal device 5, and does not constitute a limitation to the terminal device 5, and may include more or less components than those shown, or combine some components, or different components, such as an input-output device, a network access device, and the like.
The Processor 50 may be a Central Processing Unit (CPU), and the Processor 50 may be other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 51 may in some embodiments be an internal storage unit of the terminal device 5, such as a hard disk or a memory of the terminal device 5. In other embodiments, the memory 51 may also be an external storage device of the terminal device 5, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital Card (SD), a Flash memory Card (Flash Card), and the like, which are provided on the terminal device 5. Further, the memory 51 may also include both an internal storage unit and an external storage device of the terminal device 5. The memory 51 is used for storing an operating system, an application program, a BootLoader (BootLoader), data, and other programs, such as program codes of the computer program. The memory 51 may also be used to temporarily store data that has been output or is to be output.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps in the above-mentioned method embodiments.
The embodiments of the present application provide a computer program product, which when running on a mobile terminal, enables the mobile terminal to implement the steps in the above method embodiments when executed.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the processes in the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium and can implement the steps of the embodiments of the methods described above when the computer program is executed by a processor. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to a photographing apparatus/terminal apparatus, a recording medium, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), an electrical carrier signal, a telecommunications signal, and a software distribution medium. Such as a usb-disk, a removable hard disk, a magnetic or optical disk, etc. In certain jurisdictions, computer-readable media may not be an electrical carrier signal or a telecommunications signal in accordance with legislative and patent practice.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/network device and method may be implemented in other ways. For example, the above-described apparatus/network device embodiments are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implementing, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.
Claims (10)
1. An asset census and security detection method is characterized by comprising the following steps:
detecting the internet assets in the target industrial control system, and generating an internet asset list according to the detection result;
detecting the vulnerability of each internet asset in the internet asset list to obtain the detected vulnerability;
verifying the vulnerability, determining the vulnerability to be repaired, and generating a vulnerability detection report;
and generating and displaying an asset census report according to the internet asset list and the vulnerability detection report.
2. The asset census and security detection method of claim 1, wherein after verifying the vulnerability, determining a vulnerability to be repaired, and generating a vulnerability detection report, further comprising:
and determining a repairing method corresponding to each bug according to a preset resource library.
3. The asset census and security detection method of claim 2, wherein generating and displaying asset census reports from the internet asset list and the vulnerability detection reports comprises:
and generating and displaying the asset census report according to the internet asset list, the vulnerability detection report and the repair method corresponding to each vulnerability.
4. The asset census and security detection method of claim 2, wherein after generating and displaying an asset census report based on the internet asset list and the vulnerability detection report, further comprising:
acquiring a bug fixing instruction, and acquiring a corresponding fixing patch in a pre-stored resource library according to the fixing method;
and repairing the corresponding vulnerability according to the repair patch.
5. The asset census and security detection method of claim 1, wherein after generating and displaying an asset census report based on the internet asset list and the vulnerability detection report, further comprising:
when an operation instruction is received, analyzing the operation instruction;
and executing corresponding operation on the Internet asset list according to the operation instruction.
6. An asset census and security detection device, comprising:
the asset detection module is used for detecting the Internet assets in the target industrial control system and generating an Internet asset list according to the detection result;
the vulnerability detection module is used for carrying out vulnerability detection on each Internet asset in the Internet asset list to obtain a detected vulnerability;
the verification module is used for verifying the vulnerability, determining the vulnerability to be repaired and generating a vulnerability detection report;
and the generating module is used for generating and displaying an asset census report according to the Internet asset list and the vulnerability detection report.
7. The asset screening and security detection apparatus of claim 6, wherein said apparatus further comprises:
and the determining module is used for determining the repairing method corresponding to each bug according to the preset resource library.
8. The asset census and security detection apparatus of claim 7, wherein the generation module comprises:
and the generation unit is used for generating and displaying the asset census report according to the internet asset list, the vulnerability detection report and the repair method corresponding to each vulnerability.
9. A terminal device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1 to 5 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011517373.8A CN112671609A (en) | 2020-12-21 | 2020-12-21 | Asset census and safety detection method and device and terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011517373.8A CN112671609A (en) | 2020-12-21 | 2020-12-21 | Asset census and safety detection method and device and terminal equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112671609A true CN112671609A (en) | 2021-04-16 |
Family
ID=75406663
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011517373.8A Pending CN112671609A (en) | 2020-12-21 | 2020-12-21 | Asset census and safety detection method and device and terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112671609A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113486358A (en) * | 2021-07-09 | 2021-10-08 | 建信金融科技有限责任公司 | Vulnerability detection method and device |
| CN114095218A (en) * | 2021-11-05 | 2022-02-25 | 武汉思普崚技术有限公司 | Asset vulnerability management method and device |
| WO2024045088A1 (en) * | 2022-08-31 | 2024-03-07 | 西门子股份公司 | Location-based security policy check method and apparatus, and computer device |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102541729A (en) * | 2010-12-31 | 2012-07-04 | 航空工业信息中心 | Detection device and method for security vulnerability of software |
| US20130247207A1 (en) * | 2011-09-21 | 2013-09-19 | Mcafee, Inc., A Delaware Corporation | System and method for grouping computer vulnerabilities |
| CN106230857A (en) * | 2016-08-30 | 2016-12-14 | 上海新华控制技术(集团)有限公司 | A kind of active leakage location towards industrial control system and detection method |
| CN107563205A (en) * | 2017-09-20 | 2018-01-09 | 杭州安恒信息技术有限公司 | Typical smart machine leak detection method and permeability apparatus |
| CN107707578A (en) * | 2017-11-28 | 2018-02-16 | 四川长虹电器股份有限公司 | Cloud service assets based on vulnerability scanning are met an urgent need scan method |
| CN109361692A (en) * | 2018-11-20 | 2019-02-19 | 远江盛邦(北京)网络安全科技股份有限公司 | Web means of defence based on identification Asset Type and self-discovery loophole |
| CN109492403A (en) * | 2018-10-26 | 2019-03-19 | 北京车和家信息技术有限公司 | A kind of leak detection method and device |
| CN110266737A (en) * | 2019-07-30 | 2019-09-20 | 杭州安恒信息技术股份有限公司 | A kind of leak detection method, device, equipment and medium that cross-domain resource is shared |
| US10454963B1 (en) * | 2015-07-31 | 2019-10-22 | Tripwire, Inc. | Historical exploit and vulnerability detection |
| CN110572409A (en) * | 2019-09-16 | 2019-12-13 | 国家计算机网络与信息安全管理中心 | Industrial Internet security risk prediction method, device, equipment and storage medium |
| CN112003838A (en) * | 2020-08-06 | 2020-11-27 | 杭州安恒信息技术股份有限公司 | Network threat detection method, device, electronic device and storage medium |
-
2020
- 2020-12-21 CN CN202011517373.8A patent/CN112671609A/en active Pending
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102541729A (en) * | 2010-12-31 | 2012-07-04 | 航空工业信息中心 | Detection device and method for security vulnerability of software |
| US20130247207A1 (en) * | 2011-09-21 | 2013-09-19 | Mcafee, Inc., A Delaware Corporation | System and method for grouping computer vulnerabilities |
| US10454963B1 (en) * | 2015-07-31 | 2019-10-22 | Tripwire, Inc. | Historical exploit and vulnerability detection |
| CN106230857A (en) * | 2016-08-30 | 2016-12-14 | 上海新华控制技术(集团)有限公司 | A kind of active leakage location towards industrial control system and detection method |
| CN107563205A (en) * | 2017-09-20 | 2018-01-09 | 杭州安恒信息技术有限公司 | Typical smart machine leak detection method and permeability apparatus |
| CN107707578A (en) * | 2017-11-28 | 2018-02-16 | 四川长虹电器股份有限公司 | Cloud service assets based on vulnerability scanning are met an urgent need scan method |
| CN109492403A (en) * | 2018-10-26 | 2019-03-19 | 北京车和家信息技术有限公司 | A kind of leak detection method and device |
| CN109361692A (en) * | 2018-11-20 | 2019-02-19 | 远江盛邦(北京)网络安全科技股份有限公司 | Web means of defence based on identification Asset Type and self-discovery loophole |
| CN110266737A (en) * | 2019-07-30 | 2019-09-20 | 杭州安恒信息技术股份有限公司 | A kind of leak detection method, device, equipment and medium that cross-domain resource is shared |
| CN110572409A (en) * | 2019-09-16 | 2019-12-13 | 国家计算机网络与信息安全管理中心 | Industrial Internet security risk prediction method, device, equipment and storage medium |
| CN112003838A (en) * | 2020-08-06 | 2020-11-27 | 杭州安恒信息技术股份有限公司 | Network threat detection method, device, electronic device and storage medium |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113486358A (en) * | 2021-07-09 | 2021-10-08 | 建信金融科技有限责任公司 | Vulnerability detection method and device |
| CN114095218A (en) * | 2021-11-05 | 2022-02-25 | 武汉思普崚技术有限公司 | Asset vulnerability management method and device |
| WO2024045088A1 (en) * | 2022-08-31 | 2024-03-07 | 西门子股份公司 | Location-based security policy check method and apparatus, and computer device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108427705B (en) | Electronic device, distributed system log query method and storage medium | |
| CN112671609A (en) | Asset census and safety detection method and device and terminal equipment | |
| CN109600441B (en) | Alliance link information publishing control method and terminal equipment | |
| WO2018000607A1 (en) | Method and electronic apparatus for identifying test case failure causes | |
| CN113489713A (en) | Network attack detection method, device, equipment and storage medium | |
| CN110601880A (en) | Cloud platform, service processing method, command interface and computer equipment | |
| CN112163412B (en) | Data verification method and device, electronic equipment and storage medium | |
| CN105357204A (en) | Method and apparatus for generating terminal identifying information | |
| CN112015663A (en) | Test data recording method, device, equipment and medium | |
| CN111966390A (en) | Project construction method, system, terminal device and storage medium | |
| CN112363935A (en) | Data joint debugging method and device, electronic equipment and storage medium | |
| CN112506798A (en) | Performance test method, device, terminal and storage medium of block chain platform | |
| CN111062040A (en) | Method for determining unknown vulnerability, server and computer readable storage medium | |
| CN112667638B (en) | Dynamic report generation method and device, terminal equipment and readable storage medium | |
| CN111176685A (en) | Upgrading method and device | |
| CN112528295B (en) | Vulnerability restoration method and device for industrial control system | |
| CN111142863B (en) | Page generation method and device | |
| CN112817935A (en) | Data processing method, device and equipment based on field type and storage medium | |
| CN109324838B (en) | Execution method and execution device of single chip microcomputer program and terminal | |
| CN111212153A (en) | IP address checking method, device, terminal equipment and storage medium | |
| CN111694586A (en) | Program initialization method, program initialization device, terminal device, and storage medium | |
| CN108520063B (en) | Event log processing method and device and terminal equipment | |
| CN112631949B (en) | Debugging method and device, computer equipment and storage medium | |
| CN115643044A (en) | Data processing method, device, server and storage medium | |
| CN111222739B (en) | Nuclear power station task allocation method and nuclear power station task allocation system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210416 |