CN112685768A - Data leakage prevention method and device based on software asset audit - Google Patents
Data leakage prevention method and device based on software asset audit Download PDFInfo
- Publication number
- CN112685768A CN112685768A CN202011562701.6A CN202011562701A CN112685768A CN 112685768 A CN112685768 A CN 112685768A CN 202011562701 A CN202011562701 A CN 202011562701A CN 112685768 A CN112685768 A CN 112685768A
- Authority
- CN
- China
- Prior art keywords
- data
- report
- auditing
- analysis
- security event
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a data leakage prevention method and device based on software asset audit, wherein the method comprises the following steps: in the acquisition management stage, a data acquisition strategy is configured; a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data; analyzing the access behavior of the user according to the acquired data, and auditing the security event of the user; auditing data assets, and analyzing the acquired data; the report engine self-defines the report structure and generates corresponding reports for various analyzed indexes. According to the scheme of the invention, the hidden danger source can be positioned in time and alarm response is carried out, so that the information safety hidden danger possibly generated by an enterprise is greatly avoided, the information safety of the enterprise is ensured, and the purpose of preventing the hidden danger is achieved. By monitoring the collected network data based on software, the possible bugs of the network data are identified, risk prediction in the aspect of data leakage is given, and potential safety hazards are avoided.
Description
Technical Field
The invention relates to the field of data processing, in particular to a data leakage prevention method and device based on software asset audit.
Background
With the increasing development of information technology and network information system applications, the application level of network technology is gradually shifting from traditional and small business systems to large and key business systems, and the network applications of government and enterprise users are gradually increased.
Information security is a dynamic process, and provides an efficient network operation platform for self service, and meanwhile, the increasingly complex behaviors of an IT service system and different background service users also bring potential threats to the network, such as internal service data and important sensitive files are tampered, leaked and stolen in the modes of e-mail, database access, remote terminal access (TELNET, FTP and the like); illegal internet surfing behaviors such as accessing illegal websites, issuing illegal statements and the like are abused; the safety of information systems of governments and enterprises is seriously damaged.
Traditional network security means such as firewalls and intrusion detection can manage and monitor network abnormal behaviors, such as network connection and access legitimacy control and network attack event monitoring, but cannot monitor network content and authorized normal internal network access behaviors, so that information leakage events and network resource abuse behaviors (instant messaging, forums, online videos, P2P downloading, network games and the like) caused by normal network access behaviors cannot be considered, and monitoring management of content and behaviors and tracing and evidence obtaining of security events are difficult to realize.
How to effectively monitor the access behavior of the business system and the transmission of sensitive information, accurately master the security state of the network system, timely find the events violating the security policy, give an alarm and record in real time, simultaneously perform positioning analysis on the security events, trace and obtain evidence after the events, meet the requirement of compliance audit, and is a problem which needs to be solved urgently by enterprises.
Therefore, a safety means for effectively monitoring and managing the above problems is urgently needed. Information leakage prevention is created in this context. Data leakage prevention is a strategy for preventing specified data or information assets of an enterprise from flowing out of the enterprise in a form of violating safety strategy rules through a certain technical means, and for any safety system, an audit pursuit means is an indispensable important component in the whole safety system. With the improvement of the security consciousness of enterprises, the auditing function is gradually known. The audit can comprehensively understand all terminal application behaviors and the whole life cycle of data, can find out the loophole of self information safety management, and can trace the source and the original to find out the real divulgent when information leakage occurs. By collecting software information, possible bugs can also be discovered. Meanwhile, all use processes of the data, such as access, modification, copying or deletion, can be recorded through log recording, and whether a divulgence action exists or not can be found quickly through auditing the logs. On the other hand, the log records can reflect the most real working state of the staff, and some high-frequency behaviors can also find out whether the staff has the problem of violation or not so as to predict the risk of data leakage. Prior art CN107122669A discloses risk analysis for sensitive data operations of users, but this solution does not analyze possible vulnerabilities of data assets. The access behavior of the business system in the enterprise, the transmission of sensitive information and the like still have various security events.
Disclosure of Invention
In order to solve the technical problems, the invention provides a data leakage prevention method and device based on software asset audit, which are used for solving the problems that in the prior art, the management and the monitoring of network abnormal behaviors can be realized by traditional network security means such as a firewall, intrusion detection and the like, but the network contents and authorized normal internal network access behaviors cannot be monitored, and the monitoring management of the contents and the behaviors and the tracing and the evidence obtaining of security events are difficult to realize.
According to a first aspect of the present invention, there is provided a method of data leakage prevention based on software asset auditing, the method comprising the steps of:
step S101: in the acquisition management stage, a data acquisition strategy is configured;
step S102: a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data;
step S103: analyzing the access behavior of the user according to the acquired data, and auditing the security event of the user; auditing data assets, and analyzing the acquired data;
step S104: the report engine self-defines the report structure and generates corresponding reports for various analyzed indexes.
Further, the step S102: a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data, wherein the data acquisition stage comprises the following steps:
in the data acquisition stage, a full data acquisition mode and an incremental data acquisition mode are provided;
the method also comprises the step of dynamically modifying the fields of the extracted data; a breakpoint can be set in the data extraction process, and the extraction behavior is tracked and monitored; and recording the number of data items, the collection starting time, the collection finishing time and the error information of the collected data in the data collection process, and storing the error information.
Further, the step S103: analyzing the access behavior of the user according to the acquired data, and auditing the security event of the user; auditing data assets, analyzing collected data, including:
the access behavior of the user is analyzed, and analysis items comprise alarm analysis, security event analysis and DLP event statistics; performing security event auditing on a user, including security event statistics, security event map drawing and security event analysis;
the audit data assets are used for analyzing the data distribution of the collected data and tracing the sensitive files, and the analysis of the data distribution of the collected data comprises data import and export statistics, import data distribution and statistics and DLP data distribution and statistics; the sensitive file tracing comprises audit operations such as file data association, tracing data encapsulation and the like;
the analyzing the collected data includes: providing a mode of analyzing historical data in real time and offline, and counting and analyzing safety events output by different types of user behaviors; and according to the current management authority of the administrator, carrying out statistical analysis through multiple dimensions by combining time, security event types and security event levels.
Further, the step S104: the report engine self-defines the report structure, and generates corresponding reports for various analyzed indexes, including:
the report engine self-defines the structure of the report and generates multi-angle real-time and/or non-real-time reports such as an event statistical report, a personal behavior report, a periodic report and the like according to various indexes to be analyzed.
According to a second aspect of the present invention, there is provided a data leakage prevention apparatus based on software asset auditing, the apparatus comprising:
a configuration module: configuring a data acquisition strategy in an acquisition management stage;
a data acquisition module: configuring a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data;
an analysis module: the system is configured to analyze the access behavior of the user according to the collected data and audit the security events of the user; auditing data assets, and analyzing the acquired data;
a report generation module: and configuring to self-define a report structure by a report engine, and generating corresponding reports for various analyzed indexes.
Further, the data acquisition module:
a data acquisition mode submodule: the data acquisition device is configured to have a full data acquisition mode and an incremental data acquisition mode in a data acquisition stage;
a data storage submodule: configured to dynamically modify a field of the extracted data; a breakpoint can be set in the data extraction process, and the extraction behavior is tracked and monitored; and recording the number of data items, the collection starting time, the collection finishing time and the error information of the collected data in the data collection process, and storing the error information.
Further, the analysis module includes:
the user access behavior analysis submodule comprises: the system comprises a data processing system, a data processing system and a data processing system, wherein the data processing system is configured to analyze the behavior of an individual, and analysis items comprise alarm analysis, security event analysis and DLP event statistics; performing security event auditing on a user, including security event statistics, security event map drawing and security event analysis;
the data asset auditing submodule is configured to analyze the data distribution of the acquired data and trace back sensitive files, and the analysis of the data distribution of the acquired data comprises data import and export statistics, import data distribution and statistics and DLP data distribution and statistics; the sensitive file tracing comprises audit operations such as file data association, tracing data encapsulation and the like;
the analysis submodule is configured to provide a mode of analyzing historical data in real time and offline and count and analyze safety events output by different types of user behaviors; and according to the current management authority of the administrator, carrying out statistical analysis through multiple dimensions by combining time, security event types and security event levels.
Further, the report generation module includes:
the report configuration and generation submodule comprises: the method is configured to generate multi-angle real-time and/or non-real-time reports such as an event statistical report, a personal behavior report, a periodic report and the like according to various indexes to be analyzed by self-defining the structure of the report through a report engine.
According to a third aspect of the present invention, there is provided a data leakage prevention system based on software asset auditing, comprising:
a processor for executing a plurality of instructions;
a memory to store a plurality of instructions;
wherein the instructions are configured to be stored by the memory and loaded and executed by the processor to perform the method for data leakage prevention based on software asset auditing as described above.
According to a fourth aspect of the present invention, there is provided a computer readable storage medium having a plurality of instructions stored therein; the plurality of instructions for loading and executing by a processor the method for data leakage prevention based on software asset auditing as previously described.
According to the scheme of the invention, relevant configuration of acquisition management is firstly carried out, and then a data acquisition stage is entered to acquire data information for risk analysis. And then data analysis is carried out, two modes of real-time analysis and off-line analysis are provided, risk assessment is carried out in multiple angles through aspects of data asset audit, behavior information analysis and the like, an analysis conclusion is finally obtained, and a risk report based on data leakage prevention is produced. The administrator can also perform statistical analysis on the related logs according to the needs of the administrator, and after the analysis is completed, the statistical result can be exported to a visual report, so that the report can be conveniently reported to other business departments and superior leaders. A software monitoring-based mode is adopted to collect software information and use habits, identify possible bugs and make risk prediction of data leakage. Compared with the traditional network security means and management measures, the scheme carries out leakage risk prediction by collecting data information, can locate hidden danger sources in time and carry out alarm response, greatly avoids the information security hidden dangers possibly generated by enterprises, ensures the information security of the enterprises and achieves the purpose of preventing the potential risks in the bud. By monitoring the collected network data based on software, the possible bugs of the network data are identified, risk prediction in the aspect of data leakage is given, and potential safety hazards are avoided.
The foregoing description is only an overview of the technical solutions of the present invention, and in order to make the technical solutions of the present invention more clearly understood and to implement them in accordance with the contents of the description, the following detailed description is given with reference to the preferred embodiments of the present invention and the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and, together with the description, serve to explain the principles of the invention. In the drawings:
FIG. 1 is a flow diagram of a method for data leakage prevention based on software asset auditing, according to an embodiment of the present invention;
FIG. 2 is a data flow diagram of data leakage prevention based on software asset auditing according to one embodiment of the present invention;
FIG. 3 is a block diagram of data leakage prevention based on software asset auditing according to yet another embodiment of the present invention;
fig. 4 is a block diagram of a data leakage prevention apparatus based on software asset auditing according to an embodiment of the present invention.
Detailed Description
Definition and interpretation:
and (4) safety audit: security audit (security audit) is a systematic way to assess the security of a company's information system by testing its compliance with a set of certain criteria. It refers to that the professional auditor carries out systematic and independent check and verification on the related activities or behaviors in the computer network environment according to the related laws and regulations, the entrustment of property owners and the authorization of management authorities, and makes corresponding evaluation.
Information assets: information assets are a system of knowledge organized and managed as a single entity. Similar to other corporate assets, an organizational information asset has its financial value. The value increase of information assets is directly related to the number of people who can effectively utilize the information. Because the information has a short period, it tends to devalue over time like other company asset types. The rate at which information loses its value depends on the type of information represented by the asset and the accuracy with which the information can be maintained over time. In some organizations, useless information may be considered a nuisance. Information assets can be categorized according to any criteria, not just their relative value in terms of frequency of use. For example, data may be split according to different rules: time of establishment, place of establishment, and whether it is often used by personnel or administrative authorities.
A flow diagram of a method for data leakage prevention based on software asset auditing is first described in conjunction with fig. 1, which is one embodiment of the present invention. As shown in fig. 1-2, the method comprises the steps of:
step S101: in the acquisition management stage, a data acquisition strategy is configured;
step S102: a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data;
step S103: analyzing the access behavior of the user according to the acquired data, and auditing the security event of the user; auditing data assets, and analyzing the acquired data;
step S104: the report engine self-defines the report structure and generates corresponding reports for various analyzed indexes.
The step S101: configuring a data acquisition policy, wherein:
the data acquisition strategies comprise acquisition strategies such as an acquisition strategy and a monitor strategy, and exchange information configuration, exchange service configuration and system management configuration are carried out; the configuration of the exchange information includes configuration node information and channel information, and the configuration of the exchange service includes configuration service data, for example, in an acquisition management stage, the configuration includes data acquisition policies such as an exchange node, an exchange channel, an exchange topology, data publishing, and unified configuration management of data subscription.
Further, data exchange tasks may be configured and deployed at a graphical management interface for control at runtime.
The step S102: a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data, wherein the data acquisition stage comprises the following steps:
in this embodiment, in the data acquisition stage, there are a full data acquisition mode and an incremental data acquisition mode.
The data extraction strategies comprise a timestamp mode, a log table mode, a full-table comparison mode, a full-table deletion insertion mode and a trigger setting mode, and various data extraction strategies can be flexibly defined;
in this embodiment, the method further includes dynamically modifying the field of the extracted data; a breakpoint can be set in the data extraction process, and the extraction behavior is tracked and monitored; and recording the number of data items, the collection starting time, the collection finishing time and the error information of the collected data in the data collection process, and storing the error information.
The step S103: analyzing the access behavior of the user according to the acquired data, and auditing the security event of the user; auditing data assets, analyzing collected data, including:
the access behavior of the user is analyzed, and analysis items comprise alarm analysis, security event analysis and DLP event statistics; performing security event auditing on a user, including security event statistics, security event map drawing and security event analysis;
the audit data assets are used for analyzing the data distribution of the collected data and tracing the sensitive files, and the analysis of the data distribution of the collected data comprises data import and export statistics, import data distribution and statistics and DLP data distribution and statistics; the sensitive file tracing comprises audit operations such as file data association, tracing data encapsulation and the like;
the analyzing the collected data includes: providing a mode of analyzing historical data in real time and offline, and counting and analyzing safety events output by different types of user behaviors; and according to the current management authority of the administrator, carrying out statistical analysis through multiple dimensions by combining time, security event types and security event levels.
In this embodiment, the real-time data may be analyzed, and the historical data may also be analyzed offline.
The step S104: the report engine self-defines the report structure, and generates corresponding reports for various analyzed indexes, including:
the report engine self-defines the structure of the report and generates multi-angle real-time and/or non-real-time reports such as an event statistical report, a personal behavior report, a periodic report and the like according to various indexes to be analyzed.
The present embodiment makes risk prediction in terms of data leakage prevention through software monitoring. Firstly, relevant configuration of acquisition management is carried out, and then a data acquisition stage is carried out to obtain data information for risk analysis. And then data analysis is carried out, two modes of real-time analysis and off-line analysis are provided, risk assessment is carried out in multiple angles through aspects of data asset audit, behavior information analysis and the like, an analysis conclusion is finally obtained, and a risk report based on data leakage prevention is produced. The administrator can also perform statistical analysis on the related logs according to the needs of the administrator, and after the analysis is completed, the statistical result can be exported to a visual report, so that the report can be conveniently reported to other business departments and superior leaders.
The structure for data leakage prevention based on software asset audit in the further embodiment of the invention is shown in fig. 3, and is used for realizing the method for data leakage prevention based on software asset audit.
Firstly, configuring a relevant acquisition strategy;
acquiring data from multiple angles according to an acquisition strategy, such as self-research products, DLP systems, third-party systems and the like, and acquiring data such as software asset information, user behavior information and the like;
using an analysis engine to audit data assets and analyze behavior information;
the data can be analyzed in real time, and the historical data can also be analyzed in an off-line manner;
and configuring a report template in a report engine, and obtaining a risk prediction report in the aspect of data leakage through analyzing various indexes.
An embodiment of the present invention further provides a data leakage prevention apparatus based on software asset audit, as shown in fig. 4, the apparatus includes:
a configuration module: configuring a data acquisition strategy in an acquisition management stage;
a data acquisition module: configuring a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data;
an analysis module: the system is configured to analyze the access behavior of the user according to the collected data and audit the security events of the user; auditing data assets, and analyzing the acquired data;
a report generation module: and configuring to self-define a report structure by a report engine, and generating corresponding reports for various analyzed indexes.
The embodiment of the invention further provides a data leakage prevention system based on software asset audit, which comprises the following steps:
a processor for executing a plurality of instructions;
a memory to store a plurality of instructions;
wherein the instructions are configured to be stored by the memory and loaded by the processor to perform a method for data leakage prevention based on software asset auditing as described above.
The embodiment of the invention further provides a computer readable storage medium, wherein a plurality of instructions are stored in the storage medium; the plurality of instructions for loading and executing by a processor the method for data leakage prevention based on software asset auditing as previously described.
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions in actual implementation, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The integrated unit implemented in the form of a software functional unit may be stored in a computer readable storage medium. The software functional unit is stored in a storage medium and includes several instructions to enable a computer device (which may be a personal computer, a physical machine Server, or a network cloud Server, etc., and needs to install a Windows or Windows Server operating system) to perform some steps of the method according to various embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention in any way, and any simple modification, equivalent change and modification made to the above embodiment according to the technical spirit of the present invention are still within the scope of the technical solution of the present invention.
Claims (10)
1. A data leakage prevention method based on software asset audit is characterized by comprising the following steps:
step S101: in the acquisition management stage, a data acquisition strategy is configured;
step S102: a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data;
step S103: analyzing the access behavior of the user according to the acquired data, and auditing the security event of the user; auditing data assets, and analyzing the acquired data;
step S104: the report engine self-defines the report structure and generates corresponding reports for various analyzed indexes.
2. A method for data leakage prevention based on software asset auditing according to claim 1, where said step S102: a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data, wherein the data acquisition stage comprises the following steps:
in the data acquisition stage, a full data acquisition mode and an incremental data acquisition mode are provided;
the method also comprises the step of dynamically modifying the fields of the extracted data; a breakpoint can be set in the data extraction process, and the extraction behavior is tracked and monitored; and recording the number of data items, the collection starting time, the collection finishing time and the error information of the collected data in the data collection process, and storing the error information.
3. A method for data leakage prevention based on software asset auditing according to claim 1, where said step S103: analyzing the access behavior of the user according to the acquired data, and auditing the security event of the user; auditing data assets, analyzing collected data, including:
the access behavior of the user is analyzed, and analysis items comprise alarm analysis, security event analysis and DLP event statistics; performing security event auditing on a user, including security event statistics, security event map drawing and security event analysis;
the audit data assets are used for analyzing the data distribution of the collected data and tracing the sensitive files, and the analysis of the data distribution of the collected data comprises data import and export statistics, import data distribution and statistics and DLP data distribution and statistics; the sensitive file tracing comprises audit operations such as file data association, tracing data encapsulation and the like;
the analyzing the collected data includes: providing a mode of analyzing historical data in real time and offline, and counting and analyzing safety events output by different types of user behaviors; and according to the current management authority of the administrator, carrying out statistical analysis through multiple dimensions by combining time, security event types and security event levels.
4. A method for data leakage prevention based on software asset auditing according to claim 1, where said step S104: the report engine self-defines the report structure, and generates corresponding reports for various analyzed indexes, including:
the report engine self-defines the structure of the report and generates multi-angle real-time and/or non-real-time reports such as an event statistical report, a personal behavior report, a periodic report and the like according to various indexes to be analyzed.
5. A data leakage prevention apparatus based on software asset auditing, the apparatus comprising:
a configuration module: configuring a data acquisition strategy in an acquisition management stage;
a data acquisition module: configuring a data acquisition stage, defining a data extraction strategy according to the data acquisition strategy, and acquiring data;
an analysis module: the system is configured to analyze the access behavior of the user according to the collected data and audit the security events of the user; auditing data assets, and analyzing the acquired data;
a report generation module: and configuring to self-define a report structure by a report engine, and generating corresponding reports for various analyzed indexes.
6. A data leakage prevention apparatus based on software asset auditing according to claim 5, where said data acquisition module:
a data acquisition mode submodule: the data acquisition device is configured to have a full data acquisition mode and an incremental data acquisition mode in a data acquisition stage;
a data storage submodule: configured to dynamically modify a field of the extracted data; a breakpoint can be set in the data extraction process, and the extraction behavior is tracked and monitored; and recording the number of data items, the collection starting time, the collection finishing time and the error information of the collected data in the data collection process, and storing the error information.
7. A data leakage prevention apparatus based on software asset auditing according to claim 5, where said analysis module comprises:
the user access behavior analysis submodule comprises: the system comprises a data processing system, a data processing system and a data processing system, wherein the data processing system is configured to analyze the behavior of an individual, and analysis items comprise alarm analysis, security event analysis and DLP event statistics; performing security event auditing on a user, including security event statistics, security event map drawing and security event analysis;
the data asset auditing submodule is configured to analyze the data distribution of the acquired data and trace back sensitive files, and the analysis of the data distribution of the acquired data comprises data import and export statistics, import data distribution and statistics and DLP data distribution and statistics; the sensitive file tracing comprises audit operations such as file data association, tracing data encapsulation and the like;
the analysis submodule is configured to provide a mode of analyzing historical data in real time and offline and count and analyze safety events output by different types of user behaviors; and according to the current management authority of the administrator, carrying out statistical analysis through multiple dimensions by combining time, security event types and security event levels.
8. A data leakage prevention apparatus based on software asset audit as claimed in claim 7 wherein said report generation module includes:
the report configuration and generation submodule comprises: the method is configured to generate multi-angle real-time and/or non-real-time reports such as an event statistical report, a personal behavior report, a periodic report and the like according to various indexes to be analyzed by self-defining the structure of the report through a report engine.
9. A system for preventing data leakage based on software asset auditing, comprising:
a processor for executing a plurality of instructions;
a memory to store a plurality of instructions;
wherein the plurality of instructions are to be stored by the memory and loaded and executed by the processor to perform the method for data leakage prevention based on software asset auditing according to any of claims 1-4.
10. A computer-readable storage medium having stored therein a plurality of instructions; the plurality of instructions for being loaded by a processor and executing the method for data leakage prevention based on software asset auditing according to any one of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011562701.6A CN112685768A (en) | 2020-12-25 | 2020-12-25 | Data leakage prevention method and device based on software asset audit |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011562701.6A CN112685768A (en) | 2020-12-25 | 2020-12-25 | Data leakage prevention method and device based on software asset audit |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112685768A true CN112685768A (en) | 2021-04-20 |
Family
ID=75453325
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011562701.6A Pending CN112685768A (en) | 2020-12-25 | 2020-12-25 | Data leakage prevention method and device based on software asset audit |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112685768A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117473527A (en) * | 2023-11-07 | 2024-01-30 | 新华三网络信息安全软件有限公司 | Data security risk analysis method, device, equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109271435A (en) * | 2018-09-14 | 2019-01-25 | 南威软件股份有限公司 | A kind of data pick-up method and system for supporting breakpoint transmission |
| CN109471846A (en) * | 2018-11-02 | 2019-03-15 | 中国电子科技网络信息安全有限公司 | User behavior auditing system and method on a kind of cloud based on cloud log analysis |
-
2020
- 2020-12-25 CN CN202011562701.6A patent/CN112685768A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109271435A (en) * | 2018-09-14 | 2019-01-25 | 南威软件股份有限公司 | A kind of data pick-up method and system for supporting breakpoint transmission |
| CN109471846A (en) * | 2018-11-02 | 2019-03-15 | 中国电子科技网络信息安全有限公司 | User behavior auditing system and method on a kind of cloud based on cloud log analysis |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117473527A (en) * | 2023-11-07 | 2024-01-30 | 新华三网络信息安全软件有限公司 | Data security risk analysis method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107835982B (en) | Method and apparatus for managing security in a computer network | |
| JP5631881B2 (en) | Threat management system and method | |
| US7200616B2 (en) | Information management system, control method thereof, information management server and program for same | |
| CN115733681A (en) | Data security management platform for preventing data loss | |
| US20060191007A1 (en) | Security force automation | |
| CN114372286A (en) | Data security management method and device, computer equipment and storage medium | |
| Anastasov et al. | SIEM implementation for global and distributed environments | |
| CN112905548B (en) | Security audit system and method | |
| US20170214711A1 (en) | Creating a security report for a customer network | |
| CN113516337A (en) | Method and device for monitoring data security operation | |
| KR20140035146A (en) | Apparatus and method for information security | |
| CN113792308A (en) | Government affair sensitive data oriented security behavior risk analysis method | |
| CN109992961A (en) | Detection system and method for the anti-hacker attacks of Database Systems | |
| CN109684863A (en) | Data leakage prevention method, device, equipment and storage medium | |
| CN109388949B (en) | Data security centralized management and control method and system | |
| CN113034028A (en) | Responsibility traceability confirmation system | |
| Bodeau et al. | Cyber resiliency metrics, version 1.0, rev. 1 | |
| CN112685768A (en) | Data leakage prevention method and device based on software asset audit | |
| US20230396640A1 (en) | Security event management system and associated method | |
| CN112632556A (en) | Endpoint security response method and device based on data classification and classification | |
| CN116738449A (en) | DSMM-based data security management and control and operation system | |
| Dorigo | Security information and event management | |
| Kelemen | Systematic review on process mining and security | |
| Mogull | Understanding and selecting a database activity monitoring solution | |
| Rinnan | Benefits of centralized log file correlation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |