CN112839047B - Asset vulnerability scanning method, device, equipment and medium on cloud platform - Google Patents

Asset vulnerability scanning method, device, equipment and medium on cloud platform Download PDF

Info

Publication number
CN112839047B
CN112839047B CN202110057797.9A CN202110057797A CN112839047B CN 112839047 B CN112839047 B CN 112839047B CN 202110057797 A CN202110057797 A CN 202110057797A CN 112839047 B CN112839047 B CN 112839047B
Authority
CN
China
Prior art keywords
cloud platform
vulnerability
scanning
vulnerability scanning
accuracy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110057797.9A
Other languages
Chinese (zh)
Other versions
CN112839047A (en
Inventor
郭金伟
范渊
杨勃
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
DBAPPSecurity Co Ltd
Original Assignee
DBAPPSecurity Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by DBAPPSecurity Co Ltd filed Critical DBAPPSecurity Co Ltd
Priority to CN202110057797.9A priority Critical patent/CN112839047B/en
Publication of CN112839047A publication Critical patent/CN112839047A/en
Application granted granted Critical
Publication of CN112839047B publication Critical patent/CN112839047B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Abstract

The application discloses an asset vulnerability scanning method, device, equipment and medium on a cloud platform, wherein the method comprises the following steps: determining a second cloud platform from a pre-acquired cloud platform information list, wherein each cloud platform in the cloud platform information list and the first cloud platform have corresponding public network communication addresses, and the second cloud platform is a cloud platform except the first cloud platform; issuing a vulnerability scanning task for carrying out vulnerability scanning on target assets in the first cloud platform to the second cloud platform so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses; and receiving a vulnerability scanning result fed back by the second cloud platform, analyzing the vulnerability scanning result and determining vulnerability information of the target asset. Therefore, the accuracy of asset vulnerability scanning on the cloud platform can be improved.

Description

Asset vulnerability scanning method, device, equipment and medium on cloud platform
Technical Field
The application relates to the technical field of security, in particular to an asset vulnerability scanning method, device, equipment and medium on a cloud platform.
Background
With the development of cloud computing, more and more users choose to cloud services, public clouds and private clouds bloom all the time, the cloud computing is mature day by day, the services of the users are more and more convenient to cloud, the construction cost is lower and lower, and vulnerability scanning products deployed on the cloud are convenient to use immediately after being opened.
When the scanner is used for scanning assets on the cloud platform, the scanner in the cloud platform is in a certain network environment, and needs to scan each asset in the whole cloud platform, so that a large number of scanning tasks are borne, asset protection behaviors are easily caused, the scanning behaviors of the scanner are detected by protection equipment of the assets, flow is cut off or cleaned, and accordingly, the scanning result is inaccurate. Therefore, how to improve the accuracy of asset vulnerability scanning on a cloud platform is an important problem to be solved by those skilled in the art.
Disclosure of Invention
In view of this, an object of the present application is to provide an asset vulnerability scanning method, apparatus, device, and medium on a cloud platform, which can improve accuracy of asset vulnerability scanning on the cloud platform. The specific scheme is as follows:
in a first aspect, the application discloses an asset vulnerability scanning method on a cloud platform, which is applied to a first cloud platform and includes:
determining a second cloud platform from a pre-acquired cloud platform information list, wherein the cloud platform information list comprises information of different cloud platforms which are subjected to service registration, each cloud platform in the cloud platform information list and the first cloud platform have corresponding public network communication addresses, and the second cloud platform is a cloud platform except the first cloud platform;
issuing a vulnerability scanning task for carrying out vulnerability scanning on target assets in the first cloud platform to the second cloud platform so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses;
and receiving a vulnerability scanning result fed back by the second cloud platform, analyzing the vulnerability scanning result and determining vulnerability information of the target asset.
Optionally, before determining the second cloud platform from the pre-acquired cloud platform information list, the method further includes:
the method comprises the steps that a cloud platform information list is obtained from cloud platform registration service, wherein the cloud platform information list comprises public network communication addresses of different cloud platforms which are subjected to service registration, corresponding operator network information and geographical position information, and the cloud platform registration service is used for carrying out cloud platform registration;
and storing the cloud platform information list.
Optionally, the analyzing the vulnerability scanning result to determine the vulnerability information of the target asset includes:
judging whether the vulnerability scanning results fed back by the second cloud platforms are the same or not, wherein fingerprint information and vulnerability information in the vulnerability scanning results are obtained through scanning, and the fingerprint information is the asset fingerprint of the target asset;
if the vulnerability scanning results fed back by the second cloud platforms are the same, taking any vulnerability scanning result in the vulnerability scanning results fed back by the second cloud platforms as vulnerability information of the target asset, and storing and visually displaying the vulnerability information;
and if the vulnerability scanning results fed back by the second cloud platforms are not identical, analyzing the vulnerability scanning results fed back by the second cloud platforms to obtain scanning accuracy, and performing corresponding scanning result processing operation based on the scanning accuracy.
Optionally, the performing, based on the scanning accuracy, a corresponding scanning result processing operation includes:
judging whether the scanning accuracy is greater than or equal to a preset scanning accuracy;
if the scanning accuracy is greater than or equal to a preset scanning accuracy, determining vulnerability information of the target asset based on vulnerability scanning results fed back by the second cloud platforms, and storing and visually displaying the vulnerability information;
and if the scanning accuracy is smaller than the preset scanning accuracy, carrying out vulnerability scanning on the target asset again.
Optionally, the analyzing the vulnerability scanning results fed back by each second cloud platform to obtain a scanning accuracy includes:
comparing and analyzing fingerprint information in the vulnerability scanning results fed back by the second cloud platforms to obtain a first accuracy rate;
comparing and analyzing vulnerability information in the vulnerability scanning results fed back by the second cloud platforms to obtain a second accuracy rate;
determining a scan accuracy rate based on the first accuracy rate and the second accuracy rate.
Optionally, the comparing and analyzing the fingerprint information in the vulnerability scanning result fed back by each second cloud platform to obtain a first accuracy rate includes:
judging whether the fingerprint information in the vulnerability scanning results fed back by the second cloud platforms is the same or not;
if the first preset accuracy threshold is the same as the first preset accuracy threshold, taking the first preset accuracy threshold as a first accuracy;
and if not, taking a second preset accuracy threshold as a first accuracy, wherein the first accuracy threshold is larger than the second accuracy threshold.
Optionally, the comparing and analyzing the vulnerability information in the vulnerability scanning result fed back by each second cloud platform to obtain a second accuracy rate includes:
comparing and analyzing vulnerability information in the vulnerability scanning results fed back by each second cloud platform to determine a first vulnerability number and a second vulnerability number, wherein the first vulnerability number is the number of the same vulnerabilities in the vulnerability scanning results fed back by each second cloud platform, and the second vulnerability number is the difference value between the total number of vulnerabilities in the vulnerability scanning results fed back by each second cloud platform and the first vulnerability number;
determining vulnerability scanning accuracy based on the first vulnerability number and the second vulnerability number;
and determining a second accuracy rate based on the vulnerability scanning accuracy rate and a third preset accuracy rate threshold value.
In a second aspect, the present application discloses an asset vulnerability scanning apparatus on a cloud platform, which is applied to a first cloud platform, and includes:
the cloud platform determining module is used for determining a second cloud platform from a pre-acquired cloud platform information list, wherein the cloud platform information list comprises information of different cloud platforms which are subjected to service registration, each cloud platform and the first cloud platform in the cloud platform information list have corresponding public network communication addresses, and the second cloud platform is a cloud platform except the first cloud platform;
the task issuing module is used for issuing a vulnerability scanning task for carrying out vulnerability scanning on target assets in the first cloud platform to the second cloud platform so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses;
and the vulnerability scanning result analysis module is used for receiving the vulnerability scanning result fed back by the second cloud platform, analyzing the vulnerability scanning result and determining vulnerability information of the target asset.
In a third aspect, the present application discloses an electronic device, comprising:
a memory and a processor;
wherein the memory is to store a computer program;
the processor is configured to execute the computer program to implement the above-disclosed asset vulnerability scanning method on the cloud platform.
In a fourth aspect, the present application discloses a computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the method for asset vulnerability scanning on a cloud platform as disclosed above.
It can be seen that, according to the application, a second cloud platform is determined from a cloud platform information list acquired in advance, wherein the cloud platform information list comprises information of different cloud platforms which are registered for service, each cloud platform in the cloud platform information list and the first cloud platform all have corresponding public network communication addresses, the second cloud platform is a cloud platform except the first cloud platform, and issues a vulnerability scanning task for carrying out vulnerability scanning on target assets in the first cloud platform to the second cloud platform, so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses, then receives vulnerability scanning results fed back by the second cloud platform, analyzes the vulnerability scanning results, and determines vulnerability information of the target assets. Therefore, when vulnerability scanning needs to be carried out on target assets in a first cloud platform, a second cloud platform is determined from a cloud platform information list acquired in advance, and each cloud platform in the cloud platform information list and the first cloud platform all have corresponding public network communication addresses, namely, the first cloud platform and the second cloud platform can be communicated through a public network, so that vulnerability scanning tasks for scanning the target assets can be issued to the second cloud platform by the first cloud platform, the target assets also have corresponding public network addresses, so that the second cloud platform can be communicated with the target assets, a scanner on the second cloud platform can be used for scanning the target assets, corresponding vulnerability scanning results are obtained, the vulnerability scanning results are returned to the first cloud platform, the first cloud platform can obtain the vulnerability information of the target assets after analyzing the vulnerability scanning results, and thus vulnerability scanning tasks for scanning the assets are scattered to other cloud platforms except the cloud platforms corresponding to the assets, and the corresponding vulnerability scanning tasks on the cloud platforms are not easy to detect, so that the vulnerability scanning tasks on the target assets are not easy to detect.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 is a flowchart of an asset vulnerability scanning method on a cloud platform disclosed in the present application;
FIG. 2 is a flowchart of a specific asset vulnerability scanning method on a cloud platform disclosed in the present application;
FIG. 3 is a schematic structural diagram of an asset vulnerability scanning apparatus on a cloud platform according to the present disclosure;
fig. 4 is a schematic structural diagram of an electronic device disclosed in the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
At present, when a scanner is used for scanning assets on a cloud platform, the scanner in the cloud platform is in a certain network environment, and needs to scan all the assets in the whole cloud platform, and a large number of scanning tasks are borne, so that asset protection behaviors are easily caused, the scanning behaviors of the scanner are detected by protection equipment of the assets, flow is cut off or cleaned, and scanning results are inaccurate. In view of this, the present application provides an asset vulnerability scanning method on a cloud platform, which can improve the accuracy of asset vulnerability scanning on the cloud platform.
Referring to fig. 1, an embodiment of the present application discloses an asset vulnerability scanning method on a cloud platform, which is applied to a first cloud platform, and the method includes:
step S11: determining a second cloud platform from a pre-acquired cloud platform information list, wherein the cloud platform information list comprises information of different cloud platforms which are subjected to service registration, each cloud platform in the cloud platform information list and the first cloud platform have corresponding public network communication addresses, and the second cloud platform is a cloud platform except the first cloud platform.
In a specific implementation process, when vulnerability scanning needs to be performed on target assets on a first cloud platform, a second cloud platform needs to be determined from a cloud platform information list acquired in advance, wherein the target assets are assets to be subjected to vulnerability scanning in the first cloud platform, the target assets can be a host, a switch, a website, a database and the like, the cloud platform information list comprises information of different cloud platforms subjected to service registration, each cloud platform in the cloud platform information list and the first cloud platform all have corresponding public network communication addresses, and the second cloud platform is a cloud platform except the first cloud platform.
Each cloud platform in the cloud platform information list and the first cloud platform have corresponding public network communication addresses, and the target asset also has a corresponding public network address, so that each cloud platform in the cloud platform information list and the first cloud platform can be communicated with each other, and can also be communicated with the target asset. The second cloud platform may perform vulnerability scanning on the target asset.
Before a second cloud platform is determined from a pre-acquired cloud platform information list, acquiring the cloud platform information list from a cloud platform registration service, wherein the cloud platform information list comprises public network communication addresses of different cloud platforms which have been subjected to service registration, corresponding operator network information and geographic position information, and the cloud platform registration service is used for performing cloud platform registration; and storing the cloud platform information list.
The determining the second cloud platform from the pre-acquired cloud platform information list may specifically include: and reading a preset cloud platform quantity threshold value, and randomly determining a corresponding quantity of second cloud platforms from a pre-acquired cloud platform information list, wherein the cloud platform quantity threshold value can be an odd number greater than or equal to 3, and the cloud platform quantity threshold value is an odd number greater than or equal to 3, so that the final vulnerability information of the target asset can be determined according to a minority majority-obeying principle when vulnerability scanning results of the second cloud platforms are inconsistent.
In an actual process, virtual machines for vulnerability scanning need to be installed on the first cloud platform and the second cloud platform, wherein the virtual machines include scanners. Specifically, the virtual machines need to be created on the first cloud platform and the second cloud platform, and activated, so that the scanner on the virtual machine can normally perform vulnerability scanning on the assets on the cloud platform.
Step S12: and issuing a vulnerability scanning task for carrying out vulnerability scanning on the target assets in the first cloud platform to the second cloud platform so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses.
After the second cloud platform is determined, a vulnerability scanning task for carrying out vulnerability scanning on the target assets of the first cloud platform needs to be issued to the second cloud platform, so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses. After receiving the vulnerability scanning task, the second cloud platform can transmit the vulnerability scanning task to respective virtual machines comprising scanners through respective northbound interfaces, the scanners on the virtual machines can carry out vulnerability scanning on the target assets, and vulnerability scanning results are returned to the first cloud platform by the second cloud platform.
Step S13: and receiving a vulnerability scanning result fed back by the second cloud platform, analyzing the vulnerability scanning result and determining vulnerability information of the target asset.
And the first cloud platform also needs to receive vulnerability scanning results fed back by the second cloud platform and analyze the vulnerability scanning results to determine vulnerability information of the target assets.
It can be seen that, according to the method and the device, a second cloud platform is determined from a pre-acquired cloud platform information list, wherein the cloud platform information list comprises information of different cloud platforms which are registered for service, each cloud platform in the cloud platform information list and a first cloud platform all have corresponding public network communication addresses, the second cloud platform is a cloud platform except the first cloud platform, and issues a vulnerability scanning task for carrying out vulnerability scanning on target assets in the first cloud platform to the second cloud platform, so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses, then receives vulnerability scanning results fed back by the second cloud platform, analyzes the vulnerability scanning results, and determines vulnerability information of the target assets. Therefore, when vulnerability scanning needs to be carried out on target assets in a first cloud platform, a second cloud platform is determined from a cloud platform information list acquired in advance, and each cloud platform in the cloud platform information list and the first cloud platform all have corresponding public network communication addresses, namely, the first cloud platform and the second cloud platform can be communicated through a public network, so that vulnerability scanning tasks for scanning the target assets can be issued to the second cloud platform by the first cloud platform, the target assets also have corresponding public network addresses, so that the second cloud platform can be communicated with the target assets, a scanner on the second cloud platform can be used for scanning the target assets, corresponding vulnerability scanning results are obtained, the vulnerability scanning results are returned to the first cloud platform, the first cloud platform can obtain the vulnerability information of the target assets after analyzing the vulnerability scanning results, and thus vulnerability scanning tasks for scanning the assets are scattered to other cloud platforms except the cloud platforms corresponding to the assets, and the corresponding vulnerability scanning tasks on the cloud platforms are not easy to detect, so that the vulnerability scanning tasks on the target assets are not easy to detect.
Referring to fig. 2, an embodiment of the present application discloses a specific asset vulnerability scanning method on a cloud platform, which is applied to a first cloud platform, and the method includes:
step S21: determining a second cloud platform from a pre-acquired cloud platform information list, wherein the cloud platform information list comprises information of different cloud platforms which are subjected to service registration, each cloud platform in the cloud platform information list and the first cloud platform have corresponding public network communication addresses, and the second cloud platform is a cloud platform except the first cloud platform.
Step S22: and issuing a vulnerability scanning task for carrying out vulnerability scanning on the target assets in the first cloud platform to the second cloud platform so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses.
The specific implementation process of step S21 and step S22 may refer to the content disclosed in the foregoing embodiments, and is not described herein again.
Step S23: receiving vulnerability scanning results fed back by the second cloud platform, and judging whether the vulnerability scanning results fed back by the second cloud platforms are the same or not, wherein fingerprint information and vulnerability information in the vulnerability scanning results are obtained through scanning, and the fingerprint information is the asset fingerprint of the target asset.
The first cloud platform needs to receive vulnerability scanning results fed back by the second cloud platform and judges whether the vulnerability scanning results fed back by the second cloud platforms are the same or not, wherein fingerprint information and vulnerability information in the vulnerability scanning results are asset fingerprints of the target assets obtained through scanning. The fields included in the fingerprint information are specifically determined by the scanner, for example, the fingerprint information includes fields of operating system type, open port, and service. And if the target asset is a linux operating system, and a port is opened and a service is deployed at the port, extracting fields such as the type of the operating system, the opening port, the service and the like as the fingerprint information of the target asset. The vulnerability information includes a number to the scanned vulnerability.
And if any second cloud platform in the second cloud platforms does not return the vulnerability scanning result, determining a new second cloud platform from the cloud platforms which are close to the first cloud platform in the cloud platform information list to replace the second cloud platform which does not return the vulnerability scanning result, and scanning the vulnerability of the target asset.
Step S24: and if the vulnerability scanning results fed back by the second cloud platforms are the same, taking any vulnerability scanning result in the vulnerability scanning results fed back by the second cloud platforms as vulnerability information of the target asset, and storing and visually displaying the vulnerability information.
If the vulnerability scanning results fed back by the second cloud platforms are the same, the fact that the results of vulnerability scanning of the target assets by the scanners on the second cloud platforms are accurate is shown, so that any vulnerability scanning result in the vulnerability scanning results fed back by the second cloud platforms can be used as vulnerability information of the target assets, and the vulnerability information is stored and visually displayed. Since the vulnerability scanning results fed back by the second cloud platforms are the same, the vulnerability scanning results fed back by any one of the second cloud platforms can be used as the vulnerability information of the target asset.
Step S25: if the vulnerability scanning results fed back by the second cloud platforms are not identical, analyzing the vulnerability scanning results fed back by the second cloud platforms to obtain scanning accuracy, and performing corresponding scanning result processing operation based on the scanning accuracy.
If the vulnerability scanning results fed back by the second cloud platforms are not identical, it is indicated that some vulnerability scanning results in the vulnerability scanning results fed back by the second cloud platforms are not accurate, so that the vulnerability scanning results fed back by the second cloud platforms need to be analyzed to obtain a scanning accuracy, and corresponding scanning result processing operation is carried out based on the scanning accuracy.
Wherein, to each the vulnerability scanning result that the second cloud platform fed back carries out the analysis, obtains the scanning rate of accuracy, include: comparing and analyzing fingerprint information in the vulnerability scanning results fed back by the second cloud platforms to obtain a first accuracy rate; comparing and analyzing vulnerability information in the vulnerability scanning results fed back by the second cloud platforms to obtain a second accuracy rate; determining a scan accuracy rate based on the first accuracy rate and the second accuracy rate.
Wherein, to each fingerprint information in the vulnerability scanning result that the second cloud platform feedbacks carries out comparison analysis, obtains first rate of accuracy, includes: judging whether the fingerprint information in the vulnerability scanning results fed back by the second cloud platforms is the same or not; if the first preset accuracy threshold is the same as the first preset accuracy threshold, taking the first preset accuracy threshold as a first accuracy; and if not, taking a second preset accuracy threshold as a first accuracy, wherein the first accuracy threshold is larger than the second accuracy threshold.
In a specific implementation process, the fingerprint information and the vulnerability information respectively correspond to a first preset accuracy threshold and a third preset accuracy threshold, and the sum of the first preset accuracy threshold and the third preset accuracy threshold is equal to 1. For example, the first preset accuracy threshold and the third preset accuracy threshold are both 50%.
If the fingerprint information in the vulnerability scanning result fed back by each second cloud platform is the same, a first preset accuracy threshold value can be used as a first accuracy, and if the fingerprint information in the vulnerability scanning result fed back by each second cloud platform is not completely the same, a second preset accuracy threshold value can be used as a first accuracy, wherein the first accuracy threshold value is larger than the second accuracy threshold value. For example, the second preset accuracy threshold may be 0.
In a specific implementation process, the fingerprint information may include a plurality of fingerprint items, and then the accuracy threshold corresponding to each fingerprint item may be determined based on a first preset accuracy threshold corresponding to the fingerprint information, for example, the first preset accuracy threshold is 50%, so that the fingerprint information includes 4 fingerprint items, and the accuracy threshold corresponding to each fingerprint item may be (50/4)%. Judging whether the fingerprint information in the vulnerability scanning result fed back by each second cloud platform is the same or not, which may specifically include: and respectively judging whether each fingerprint item in the fingerprint information in the vulnerability scanning result fed back by each second cloud platform is the same, if so, taking an accuracy threshold corresponding to the fingerprint item as the accuracy of the fingerprint item, if not, taking 0 as the accuracy of the fingerprint item, and then taking the sum of the accuracies of the fingerprint items as a first accuracy. For example, the second cloud platform includes a second cloud platform a, a second cloud platform B, and a second cloud platform C in total, the fingerprint information includes 4 fingerprint items, fingerprint item 1, fingerprint item 2, fingerprint item 3, and fingerprint item 4, the fingerprint items 1 of the second cloud platform a, the second cloud platform B, and the second cloud platform C are all the same, the fingerprint items 2 of the second cloud platform a, the second cloud platform B, and the second cloud platform C are all the same, the fingerprint items 3 of the second cloud platform a, the second cloud platform B, and the second cloud platform C are not all the same, the fingerprint items 4 of the second cloud platform a, the second cloud platform B, and the second cloud platform C are all the same, and then the first accuracy corresponding to the fingerprint information is (50 x 3/4)%.
The above comparing and analyzing the vulnerability information in the vulnerability scanning result fed back by each second cloud platform to obtain a second accuracy rate, which includes: comparing and analyzing vulnerability information in the vulnerability scanning results fed back by each second cloud platform to determine a first vulnerability number and a second vulnerability number, wherein the first vulnerability number is the number of the same vulnerabilities in the vulnerability scanning results fed back by each second cloud platform, and the second vulnerability number is the difference value between the total number of vulnerabilities in the vulnerability scanning results fed back by each second cloud platform and the first vulnerability number; determining vulnerability scanning accuracy based on the first vulnerability number and the second vulnerability number; and determining a second accuracy rate based on the vulnerability scanning accuracy rate and a third preset accuracy rate threshold value.
That is, the vulnerability information in the vulnerability scanning result fed back by the second cloud platform can be compared and analyzed to determine the first vulnerability number of vulnerabilities included in the vulnerability information and the difference between the total number of vulnerabilities in the vulnerability information and the first vulnerability number as the second vulnerability number. Then, the vulnerability scanning accuracy can be determined based on the first vulnerability quantity and the second vulnerability quantity, specifically, a value of the second vulnerability quantity to the first vulnerability quantity can be used as a vulnerability scanning error rate, then a difference value between 1 and the scanning error rate is used as a vulnerability scanning accuracy rate, and then a product of the vulnerability scanning accuracy rate and a third preset accuracy rate threshold value is used to determine a second accuracy rate, for example, the third preset accuracy rate threshold value is 50%, the vulnerability scanning accuracy rate is 5/6, and then the second accuracy rate is (50 x 5/6)%.
After the first accuracy and the second accuracy are obtained, the scanning accuracy may be determined based on the first accuracy and the second accuracy, and specifically, a sum of the first accuracy and the second accuracy may be used as the scanning accuracy.
After obtaining the scanning accuracy, the method further needs to perform corresponding scanning result processing operations based on the scanning accuracy, including: judging whether the scanning accuracy is greater than or equal to a preset scanning accuracy; if the scanning accuracy is greater than or equal to a preset scanning accuracy, determining vulnerability information of the target asset based on vulnerability scanning results fed back by the second cloud platforms, and storing and visually displaying the vulnerability information; and if the scanning accuracy is smaller than the preset scanning accuracy, carrying out vulnerability scanning on the target asset again.
Firstly, whether the scanning accuracy is greater than or equal to a preset scanning accuracy is judged, for example, the preset scanning accuracy threshold is 97%, and if the scanning accuracy is greater than or equal to the preset scanning accuracy, vulnerability information of the target asset is determined based on vulnerability scanning results fed back by the second cloud platforms, and the vulnerability information is stored and visually displayed. Specifically, the intersection of the vulnerability scanning results fed back by each second cloud platform may be used as vulnerability information of the target asset, and the vulnerability information is stored and visually displayed.
And if the scanning accuracy is smaller than the preset scanning accuracy, carrying out vulnerability scanning on the target asset again. Specifically, a third cloud platform may be determined from the cloud platform information list, where the number of the third cloud platforms is greater than the number of the second cloud platforms, and the vulnerability scanning step is executed again. And if the target assets are continuously scanned for three times and the obtained scanning accuracy rates are all lower than a preset scanning accuracy rate threshold value, the intersection of vulnerability scanning results with higher scanning accuracy rates can be used as vulnerability information of the target assets.
And when the scanning accuracy is smaller than the preset scanning accuracy, firstly, not scanning the target assets for vulnerabilities again, firstly, recording the asset information of the target assets into a rescan table, and scanning the assets in the rescan table for vulnerabilities after a certain time interval.
Referring to fig. 3, an embodiment of the present application discloses an asset vulnerability scanning apparatus on a cloud platform, which is applied to a first cloud platform, and includes:
the cloud platform determining module 11 is configured to determine a second cloud platform from a pre-obtained cloud platform information list, where the cloud platform information list includes information of different cloud platforms that have been service-registered, each cloud platform and the first cloud platform in the cloud platform information list have corresponding public network communication addresses, and the second cloud platform is a cloud platform other than the first cloud platform;
the task issuing module 12 is configured to issue a vulnerability scanning task for performing vulnerability scanning on a target asset in the first cloud platform to the second cloud platform, so that the second cloud platform calls a scanner of the second cloud platform to perform vulnerability scanning on the target asset, where the target asset has a corresponding public network communication address;
and the vulnerability scanning result analysis module 13 is configured to receive the vulnerability scanning result fed back by the second cloud platform, analyze the vulnerability scanning result, and determine vulnerability information of the target asset.
It can be seen that, according to the application, a second cloud platform is determined from a cloud platform information list acquired in advance, wherein the cloud platform information list comprises information of different cloud platforms which are registered for service, each cloud platform in the cloud platform information list and the first cloud platform all have corresponding public network communication addresses, the second cloud platform is a cloud platform except the first cloud platform, and issues a vulnerability scanning task for carrying out vulnerability scanning on target assets in the first cloud platform to the second cloud platform, so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses, then receives vulnerability scanning results fed back by the second cloud platform, analyzes the vulnerability scanning results, and determines vulnerability information of the target assets. Therefore, when vulnerability scanning needs to be carried out on target assets in a first cloud platform, a second cloud platform is determined from a cloud platform information list acquired in advance, and each cloud platform in the cloud platform information list and the first cloud platform all have corresponding public network communication addresses, namely, the first cloud platform and the second cloud platform can be communicated through a public network, so that vulnerability scanning tasks for scanning the target assets can be issued to the second cloud platform by the first cloud platform, the target assets also have corresponding public network addresses, so that the second cloud platform can be communicated with the target assets, a scanner on the second cloud platform can be used for scanning the target assets, corresponding vulnerability scanning results are obtained, the vulnerability scanning results are returned to the first cloud platform, the first cloud platform can obtain the vulnerability information of the target assets after analyzing the vulnerability scanning results, and thus vulnerability scanning tasks for scanning the assets are scattered to other cloud platforms except the cloud platforms corresponding to the assets, and the corresponding vulnerability scanning tasks on the cloud platforms are not easy to detect, so that the vulnerability scanning tasks on the target assets are not easy to detect.
In some specific embodiments, the asset vulnerability scanning apparatus on the cloud platform further includes:
the information acquisition module is used for acquiring the cloud platform information list from a cloud platform registration service, wherein the cloud platform information list comprises public network communication addresses of different cloud platforms which are subjected to service registration, corresponding operator network information and geographic position information, and the cloud platform registration service is used for performing cloud platform registration;
and the storage module is used for storing the cloud platform information list.
In some specific embodiments, the vulnerability scanning result analysis module 13 is configured to:
judging whether the vulnerability scanning results fed back by the second cloud platforms are the same or not, wherein fingerprint information and vulnerability information in the vulnerability scanning results are obtained through scanning, and the fingerprint information is the asset fingerprint of the target asset;
if the vulnerability scanning results fed back by the second cloud platforms are the same, any vulnerability scanning result in the vulnerability scanning results fed back by the second cloud platforms is used as vulnerability information of the target asset, and the vulnerability information is stored and visually displayed;
and if the vulnerability scanning results fed back by the second cloud platforms are not identical, analyzing the vulnerability scanning results fed back by the second cloud platforms to obtain scanning accuracy, and performing corresponding scanning result processing operation based on the scanning accuracy.
In some specific embodiments, the vulnerability scanning result analysis module 13 is configured to:
judging whether the scanning accuracy is greater than or equal to a preset scanning accuracy;
if the scanning accuracy is greater than or equal to a preset scanning accuracy, determining vulnerability information of the target asset based on vulnerability scanning results fed back by the second cloud platforms, and storing and visually displaying the vulnerability information;
and if the scanning accuracy is smaller than the preset scanning accuracy, carrying out vulnerability scanning on the target asset again.
In some specific embodiments, the vulnerability scanning result analysis module 13 is configured to:
comparing and analyzing fingerprint information in the vulnerability scanning results fed back by the second cloud platforms to obtain a first accuracy rate;
comparing and analyzing vulnerability information in the vulnerability scanning results fed back by each second cloud platform to obtain a second accuracy rate;
determining a scan accuracy rate based on the first accuracy rate and the second accuracy rate.
In some specific embodiments, the vulnerability scanning result analysis module 13 is configured to:
judging whether the fingerprint information in the vulnerability scanning results fed back by the second cloud platforms is the same or not;
if the first preset accuracy threshold is the same as the first preset accuracy threshold, taking the first preset accuracy threshold as a first accuracy;
and if not, taking a second preset accuracy threshold as a first accuracy, wherein the first accuracy threshold is larger than the second accuracy threshold.
In some specific embodiments, the vulnerability scanning result analysis module 13 is configured to:
comparing and analyzing vulnerability information in the vulnerability scanning results fed back by each second cloud platform to determine a first vulnerability number and a second vulnerability number, wherein the first vulnerability number is the number of the same vulnerabilities in the vulnerability scanning results fed back by each second cloud platform, and the second vulnerability number is the difference value between the total number of vulnerabilities in the vulnerability scanning results fed back by each second cloud platform and the first vulnerability number;
determining vulnerability scanning accuracy based on the first vulnerability number and the second vulnerability number;
and determining a second accuracy rate based on the vulnerability scanning accuracy rate and a third preset accuracy rate threshold value.
Referring to fig. 4, a schematic structural diagram of an electronic device 20 provided in the embodiment of the present application is shown, where the electronic device 20 may specifically implement the steps of the asset vulnerability scanning method on a cloud platform.
In general, the electronic device 20 in the present embodiment includes: a processor 21 and a memory 22.
The processor 21 may include one or more processing cores, such as a four-core processor, an eight-core processor, and so on. The processor 21 may be implemented by at least one hardware of a DSP (digital signal processing), an FPGA (field-programmable gate array), and a PLA (programmable logic array). The processor 21 may also include a main processor and a coprocessor, where the main processor is a processor for processing data in an awake state, and is also called a Central Processing Unit (CPU); a coprocessor is a low power processor for processing data in a standby state. In some embodiments, the processor 21 may be integrated with a GPU (graphics processing unit) which is responsible for rendering and drawing images to be displayed on the display screen. In some embodiments, the processor 21 may include an AI (artificial intelligence) processor for processing computing operations related to machine learning.
Memory 22 may include one or more computer-readable storage media, which may be non-transitory. Memory 22 may also include high speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In this embodiment, the memory 22 is at least used for storing the following computer program 221, wherein after being loaded and executed by the processor 21, the steps of the asset vulnerability scanning method on the cloud platform disclosed in any of the foregoing embodiments can be implemented.
In some embodiments, the electronic device 20 may further include a display 23, an input/output interface 24, a communication interface 25, a sensor 26, a power supply 27, and a communication bus 28.
Those skilled in the art will appreciate that the configuration shown in FIG. 4 is not limiting to electronic device 20 and may include more or fewer components than those shown.
Further, an embodiment of the present application also discloses a computer-readable storage medium for storing a computer program, where the computer program is executed by a processor to implement the asset vulnerability scanning method on a cloud platform disclosed in any of the foregoing embodiments.
For a specific process of the asset vulnerability scanning method on the cloud platform, reference may be made to corresponding contents disclosed in the foregoing embodiments, which are not described herein again.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Finally, it is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of other elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The method, the device, the equipment and the medium for scanning the asset vulnerabilities on the cloud platform are introduced in detail, specific examples are applied to explain the principle and the implementation mode of the method, and the description of the embodiments is only used for helping to understand the method and the core idea of the method; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (10)

1. A method for scanning asset vulnerabilities on a cloud platform is characterized by being applied to a first cloud platform and comprising the following steps:
determining a second cloud platform from a pre-acquired cloud platform information list, wherein the cloud platform information list comprises information of different cloud platforms which are subjected to service registration, each cloud platform in the cloud platform information list and the first cloud platform have corresponding public network communication addresses, and the second cloud platform is a cloud platform except the first cloud platform;
issuing a vulnerability scanning task for carrying out vulnerability scanning on target assets in the first cloud platform to the second cloud platform so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses;
and receiving a vulnerability scanning result fed back by the second cloud platform, analyzing the vulnerability scanning result and determining vulnerability information of the target asset.
2. The method according to claim 1, wherein before determining the second cloud platform from the pre-obtained cloud platform information list, the method further comprises:
the method comprises the steps that a cloud platform information list is obtained from cloud platform registration service, wherein the cloud platform information list comprises public network communication addresses of different cloud platforms which are subjected to service registration, corresponding operator network information and geographic position information, and the cloud platform registration service is used for performing cloud platform registration;
and storing the cloud platform information list.
3. The method according to claim 1 or 2, wherein the analyzing the vulnerability scanning result to determine vulnerability information of the target asset comprises:
judging whether the vulnerability scanning results fed back by the second cloud platforms are the same or not, wherein fingerprint information and vulnerability information in the vulnerability scanning results are obtained through scanning, and the fingerprint information is the asset fingerprint of the target asset;
if the vulnerability scanning results fed back by the second cloud platforms are the same, any vulnerability scanning result in the vulnerability scanning results fed back by the second cloud platforms is used as vulnerability information of the target asset, and the vulnerability information is stored and visually displayed;
and if the vulnerability scanning results fed back by the second cloud platforms are not identical, analyzing the vulnerability scanning results fed back by the second cloud platforms to obtain scanning accuracy, and performing corresponding scanning result processing operation based on the scanning accuracy.
4. The method according to claim 3, wherein the performing corresponding scanning result processing operations based on the scanning accuracy comprises:
judging whether the scanning accuracy is greater than or equal to a preset scanning accuracy;
if the scanning accuracy is greater than or equal to a preset scanning accuracy, determining vulnerability information of the target asset based on vulnerability scanning results fed back by the second cloud platforms, and storing and visually displaying the vulnerability information;
and if the scanning accuracy is smaller than the preset scanning accuracy, carrying out vulnerability scanning on the target asset again.
5. The method according to claim 3, wherein the analyzing the vulnerability scanning results fed back by the second cloud platforms to obtain a scanning accuracy includes:
comparing and analyzing fingerprint information in the vulnerability scanning results fed back by the second cloud platforms to obtain a first accuracy rate;
comparing and analyzing vulnerability information in the vulnerability scanning results fed back by the second cloud platforms to obtain a second accuracy rate;
determining a scan accuracy rate based on the first accuracy rate and the second accuracy rate.
6. The asset vulnerability scanning method on the cloud platform according to claim 5, wherein the comparing and analyzing the fingerprint information in the vulnerability scanning results fed back by each of the second cloud platforms to obtain a first accuracy rate comprises:
judging whether the fingerprint information in the vulnerability scanning results fed back by the second cloud platforms is the same or not;
if the first preset accuracy threshold is the same as the first preset accuracy threshold, taking the first preset accuracy threshold as a first accuracy;
and if not, taking a second preset accuracy threshold as a first accuracy, wherein the first accuracy threshold is larger than the second accuracy threshold.
7. The method for scanning the asset vulnerabilities on the cloud platform according to claim 5, wherein the comparing and analyzing vulnerability information in the vulnerability scanning results fed back by each of the second cloud platforms to obtain a second accuracy includes:
comparing and analyzing vulnerability information in the vulnerability scanning results fed back by each second cloud platform to determine a first vulnerability number and a second vulnerability number, wherein the first vulnerability number is the number of the same vulnerabilities in the vulnerability scanning results fed back by each second cloud platform, and the second vulnerability number is the difference value between the total number of vulnerabilities in the vulnerability scanning results fed back by each second cloud platform and the first vulnerability number;
determining vulnerability scanning accuracy based on the first vulnerability number and the second vulnerability number;
and determining a second accuracy rate based on the vulnerability scanning accuracy rate and a third preset accuracy rate threshold value.
8. The utility model provides an asset vulnerability scanning device on cloud platform which characterized in that is applied to first cloud platform, includes:
the cloud platform determining module is used for determining a second cloud platform from a pre-acquired cloud platform information list, wherein the cloud platform information list comprises information of different cloud platforms which are subjected to service registration, each cloud platform and the first cloud platform in the cloud platform information list have corresponding public network communication addresses, and the second cloud platform is a cloud platform except the first cloud platform;
the task issuing module is used for issuing a vulnerability scanning task for carrying out vulnerability scanning on target assets in the first cloud platform to the second cloud platform so that the second cloud platform calls a scanner of the second cloud platform to carry out vulnerability scanning on the target assets, wherein the target assets have corresponding public network communication addresses;
and the vulnerability scanning result analysis module is used for receiving the vulnerability scanning result fed back by the second cloud platform, analyzing the vulnerability scanning result and determining vulnerability information of the target asset.
9. An electronic device, comprising:
a memory and a processor;
wherein the memory is used for storing a computer program;
the processor is configured to execute the computer program to implement the method for scanning for asset vulnerabilities on a cloud platform of any one of claims 1 to 7.
10. A computer-readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the method for asset vulnerability scanning on a cloud platform of any of claims 1 to 7.
CN202110057797.9A 2021-01-15 2021-01-15 Asset vulnerability scanning method, device, equipment and medium on cloud platform Active CN112839047B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110057797.9A CN112839047B (en) 2021-01-15 2021-01-15 Asset vulnerability scanning method, device, equipment and medium on cloud platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110057797.9A CN112839047B (en) 2021-01-15 2021-01-15 Asset vulnerability scanning method, device, equipment and medium on cloud platform

Publications (2)

Publication Number Publication Date
CN112839047A CN112839047A (en) 2021-05-25
CN112839047B true CN112839047B (en) 2023-03-21

Family

ID=75928510

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110057797.9A Active CN112839047B (en) 2021-01-15 2021-01-15 Asset vulnerability scanning method, device, equipment and medium on cloud platform

Country Status (1)

Country Link
CN (1) CN112839047B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114039742A (en) * 2021-09-26 2022-02-11 北京华云安信息技术有限公司 Vulnerability management method, system, device and storage medium
CN116578996B (en) * 2023-07-14 2023-09-08 北京立思辰安科技术有限公司 Data processing system for acquiring final vulnerability scanning equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104836855A (en) * 2015-04-30 2015-08-12 国网四川省电力公司电力科学研究院 Web application safety situation assessment system based on multi-source data fusion
CN110943984A (en) * 2019-11-25 2020-03-31 中国联合网络通信集团有限公司 Asset safety protection method and device
CN111865981A (en) * 2020-07-20 2020-10-30 交通运输信息安全中心有限公司 Network security vulnerability assessment system and method

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100817799B1 (en) * 2006-10-13 2008-03-31 한국정보보호진흥원 System and method for network vulnerability analysis using the multiple heterogeneous scanners
US8789190B2 (en) * 2011-12-23 2014-07-22 Mcafee, Inc. System and method for scanning for computer vulnerabilities in a network environment
CN107294924B (en) * 2016-04-01 2020-08-11 阿里巴巴集团控股有限公司 Vulnerability detection method, device and system
US11005876B2 (en) * 2017-05-11 2021-05-11 Tenable, Inc. Elastic asset-based licensing model for use in a vulnerability management system
CN109428878B (en) * 2017-09-01 2021-11-23 阿里巴巴集团控股有限公司 Vulnerability detection method, detection device and detection system
CN108282489B (en) * 2018-02-07 2020-01-31 网宿科技股份有限公司 vulnerability scanning method, server and system
CN110311912B (en) * 2019-07-01 2022-06-21 深信服科技股份有限公司 Cloud server, intranet scanning client, system, intranet remote scanning method and device and storage medium
CN111447224A (en) * 2020-03-26 2020-07-24 江苏亨通工控安全研究院有限公司 Web vulnerability scanning method and vulnerability scanner
CN111711613B (en) * 2020-05-26 2022-05-13 微梦创科网络科技(中国)有限公司 Network security vulnerability scanning method and system
CN111723374A (en) * 2020-06-05 2020-09-29 绿盟科技集团股份有限公司 Vulnerability scanning method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104836855A (en) * 2015-04-30 2015-08-12 国网四川省电力公司电力科学研究院 Web application safety situation assessment system based on multi-source data fusion
CN110943984A (en) * 2019-11-25 2020-03-31 中国联合网络通信集团有限公司 Asset safety protection method and device
CN111865981A (en) * 2020-07-20 2020-10-30 交通运输信息安全中心有限公司 Network security vulnerability assessment system and method

Also Published As

Publication number Publication date
CN112839047A (en) 2021-05-25

Similar Documents

Publication Publication Date Title
CN108665297B (en) Method and device for detecting abnormal access behavior, electronic equipment and storage medium
US10395120B2 (en) Method, apparatus, and system for identifying objects in video images and displaying information of same
EP3476092B1 (en) Automation of image validation
CN112839047B (en) Asset vulnerability scanning method, device, equipment and medium on cloud platform
CN109886928B (en) Target cell marking method, device, storage medium and terminal equipment
US11620474B2 (en) Model reselection for accommodating unsatisfactory training data
US9053170B2 (en) Relationship discovery in business analytics
WO2023273895A1 (en) Method for evaluating clustering-based target detection model
CN112529575A (en) Risk early warning method, equipment, storage medium and device
CN112100619A (en) Malicious file detection method, system, equipment and computer storage medium
CN110020184A (en) Information recommendation method, device, electronic equipment and server
US10824976B2 (en) Infeasibility management in e-sourcing systems
CN111949696A (en) Full-factor correlation analysis method and device
CN111881010A (en) Method and device for predicting performance of storage equipment and computer readable storage medium
US11853948B2 (en) Methods and systems for managing risk with respect to potential customers
CN110830515A (en) Flow detection method and device and electronic equipment
US20210150612A1 (en) Apparatus, system and method for providing customized clothing recommendation service
CN115035129A (en) Goods identification method and device, electronic equipment and storage medium
CN111222377A (en) Commodity information determining method and device and electronic equipment
CN117556078B (en) Visual vehicle registration certificate file management method and device and electronic equipment
CN114820886A (en) Card surface generation method and device based on big data, computer equipment and medium
CN113065071B (en) Product information recommendation method and computer equipment
CN116682071B (en) Commodity interest information analysis method, equipment and storage medium
JP2010108102A (en) Action pattern extraction device, method, and program
CN113095271A (en) Method, device, equipment, storage medium and program product for analyzing good sales degree

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant