CN112926942A - Internet asset exposure information checking method - Google Patents
Internet asset exposure information checking method Download PDFInfo
- Publication number
- CN112926942A CN112926942A CN202110252040.5A CN202110252040A CN112926942A CN 112926942 A CN112926942 A CN 112926942A CN 202110252040 A CN202110252040 A CN 202110252040A CN 112926942 A CN112926942 A CN 112926942A
- Authority
- CN
- China
- Prior art keywords
- information
- asset
- internet
- enterprise
- exposure
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 238000011835 investigation Methods 0.000 claims abstract description 18
- 238000001514 detection method Methods 0.000 claims abstract description 17
- 238000005422 blasting Methods 0.000 claims abstract description 8
- 230000008859 change Effects 0.000 claims description 35
- 238000004364 calculation method Methods 0.000 claims description 24
- 238000012795 verification Methods 0.000 claims description 16
- 230000000007 visual effect Effects 0.000 claims description 11
- 230000001960 triggered effect Effects 0.000 claims description 10
- 238000004458 analytical method Methods 0.000 claims description 7
- 230000007123 defense Effects 0.000 claims description 5
- 230000002688 persistence Effects 0.000 claims description 5
- 230000007704 transition Effects 0.000 claims description 4
- 238000005206 flow analysis Methods 0.000 abstract description 6
- 238000012544 monitoring process Methods 0.000 abstract description 5
- 238000012502 risk assessment Methods 0.000 abstract description 3
- 238000009616 inductively coupled plasma Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/103—Workflow collaboration or project management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0639—Performance analysis of employees; Performance analysis of enterprise or organisation operations
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Abstract
The invention discloses an internet asset exposure information checking method, which comprises the following steps: s1, confirming known clue information; s2, obtaining a domain name and an Ip list of an enterprise through an association algorithm; s3, detecting the domain name and the IP obtained in the S2 by using an asset detection tool; and S4, analyzing the opened port, protocol and component application of the asset. According to the method, the domain name and Ip list of the enterprise are obtained through the association algorithms of the certificate, the sub-domain blasting, the flow analysis, the ICP information, the domain name registration information, the enterprise name, the app, the WeChat applet and the like, then the domain name and the IP are detected by using an asset detection tool, the open port, the protocol and the component application of the asset are analyzed, the comprehensive exposure surface investigation is performed on the internet assets of the enterprise, the attack surface can be converged, the attack risk is reduced, the internal management of the enterprise is perfected, the report of a monitored unit is reduced, and a foundation is laid for the subsequent security risk assessment and monitoring.
Description
Technical Field
The invention belongs to the technical field of asset security, and particularly relates to an internet asset exposure information investigation method.
Background
With the increasing access quantity of the national internet finance monitoring department (hereinafter referred to as national monitoring department) to the internet finance (internet financial point-to-point loan platform) enterprises, the problems of integrity and authenticity of transaction data occur, however, various internet asset exposure information investigation methods on the market still have various problems.
Although the network asset anomaly detection method, system, medium and device disclosed in the publication No. CN111339297A achieve the general detection method that improves the efficiency and accuracy of the private network asset anomaly detection and can be applied to various abnormal threat scenarios, the existing internet asset exposure information inspection method still has some problems: the method is characterized in that the method is large in internet assets, large in scale, limited in personnel and limited in technical means, so that machine accounts are incomplete, inaccurate, poor in timeliness, weak in management and control, and reported without follow, and the problem is always solved by a defender, and therefore the method for checking the exposure information of the internet assets is provided.
Disclosure of Invention
The invention aims to provide an internet asset exposure information investigation method to solve the problems in the background technology.
In order to achieve the purpose, the invention provides the following technical scheme: an internet asset exposure information investigation method comprises the following steps:
s1, confirming known clue information;
s2, obtaining a domain name and an Ip list of an enterprise through an association algorithm;
s3, detecting the domain name and the IP obtained in the S2 by using an asset detection tool;
and S4, analyzing the opened port, protocol and component application of the asset.
Preferably, the known clues of S1 include a business domain name, an IP, and a business information keyword.
Preferably, the association algorithm in S2 includes certificate, sub domain blasting, traffic analysis, ICP information, domain registration information, business name, app, and wechat applet.
Preferably, the S1 further includes an asset identification for identifying the asset information, and determining the asset information after identifying the asset information.
Preferably, the asset identification includes dynamic calculation of data and persistence of the data, the dynamic calculation of the data is used for dynamically calculating the data, and the asset information changes along with the change of the information.
Preferably, the S3 further includes an internet asset combing task, where the internet asset combing task is composed of a port scan foeye, an asset association algorithm focii, and a security technician analysis.
Preferably, the internet asset combing work specifically comprises: through Foeye active detection scanning, four recommendation algorithms/keyword retrieval and safety personnel, a third-party tool is combined with attack and defense experience to investigate unregistered and unknown assets of an enterprise on the Internet side, and support the change of any information of related working assets such as an enterprise convergence Internet application asset exposure surface and the like, the calculation of asset change information is triggered, or the calculation of asset change information is triggered in the information display process, each time the asset information changes, a certain previous batch of assets are searched according to a main key or related information of the assets, the two times of information are taken to compare corresponding fields, and the generated difference information is stored or displayed.
Preferably, after the triggering of the calculation of the asset transition information, the method further includes executing related codes, where the specific steps of executing the related codes are as follows:
step one, obtaining the asset information modified this time;
step two, according to the related information of the assets, searching the related asset information of a certain previous batch;
comparing the fields according to the corresponding information to find change information, and identifying the increase, decrease and change of the change information, wherein the change information comprises fields, batches, tasks, time and the like;
and step four, displaying or storing the change information.
Preferably, the method further includes, before S1, establishing an internet login module, where the internet login module includes an identity information verification unit, and the identity information verification unit is configured to perform verification login through identity information or verify login through a mobile phone verification code when logging in the internet.
Preferably, an alarm establishing module is further included after S4, and the alarm module includes an audible and visual alarm, and the audible and visual alarm is configured to generate an audible and visual alarm when the asset information changes.
Compared with the prior art, the invention has the beneficial effects that:
(1) according to the method, the domain name and Ip list of the enterprise are obtained through the association algorithms of the certificate, the sub-domain blasting, the flow analysis, the ICP information, the domain name registration information, the enterprise name, the app, the WeChat applet and the like, then the domain name and the IP are detected by using an asset detection tool, the open port, the protocol and the component application of the asset are analyzed, the comprehensive exposure surface investigation is performed on the internet assets of the enterprise, the attack surface can be converged, the attack risk is reduced, the internal management of the enterprise is perfected, the report of a monitored unit is reduced, and a foundation is laid for the subsequent security risk assessment and monitoring.
(2) The invention can comprehensively check the assets of the enterprise Internet and find out more assets through the association algorithm.
Drawings
FIG. 1 is a block flow diagram of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
Referring to fig. 1, the present invention provides a technical solution: an internet asset exposure information investigation method comprises the following steps:
s1, confirming known clue information;
s2, obtaining a domain name and an Ip list of an enterprise through an association algorithm;
s3, detecting the domain name and the IP obtained in the S2 by using an asset detection tool;
and S4, analyzing the opened port, protocol and component application of the asset.
In this embodiment, the known clues of S1 preferably include an enterprise domain name, an IP, and an enterprise information keyword.
In this embodiment, preferably, the association algorithm in S2 includes a certificate, sub domain blasting, flow analysis, ICP information, domain registration information, enterprise name, app, and wechat applet.
In this embodiment, preferably, the S1 further includes an asset identification, where the asset identification is used to identify the asset information, and after the asset information is identified, the asset information is determined.
In this embodiment, preferably, the asset identification includes dynamic calculation of data and persistence of the data, the dynamic calculation of the data is used for dynamically calculating the data, and when the information changes, the asset information changes.
In this embodiment, preferably, the S3 further includes an internet asset combing task, where the internet asset combing task is composed of a port scan foeye, an asset association algorithm focii, and a security technician analysis.
In this embodiment, preferably, the internet asset combing work specifically includes: through Foeye active detection scanning, four recommendation algorithms/keyword retrieval and safety personnel, a third-party tool is combined with attack and defense experience to investigate unregistered and unknown assets of an enterprise on the Internet side, and support the change of any information of related working assets such as an enterprise convergence Internet application asset exposure surface and the like, the calculation of asset change information is triggered, or the calculation of asset change information is triggered in the information display process, each time the asset information changes, a certain previous batch of assets are searched according to a main key or related information of the assets, the two times of information are taken to compare corresponding fields, and the generated difference information is stored or displayed.
In this embodiment, preferably, after the triggering of the calculation of the asset transition information, the method further includes executing a related code, where the specific step of executing the related code is:
step one, obtaining the asset information modified this time;
step two, according to the related information of the assets, searching the related asset information of a certain previous batch;
comparing the fields according to the corresponding information to find change information, and identifying the increase, decrease and change of the change information, wherein the change information comprises fields, batches, tasks, time and the like;
and step four, displaying or storing the change information.
In this embodiment, preferably, the step S1 is preceded by establishing an enterprise internet login module, where the enterprise internet login module includes an identity information verification unit, and the identity information verification unit is configured to perform verification login through identity information or verify login through a mobile phone verification code when logging in to the enterprise internet, so as to prevent direct login and increase security due to application of a website address remembering a password.
In this embodiment, preferably, after S4, an alarm module is further included, where the alarm module includes an audible and visual alarm, and the audible and visual alarm is used to generate an audible and visual alarm when asset information changes, so as to prompt a subordinate unit to report in time, thereby reducing the risk of untimely processing or processing omission.
Example 2
Referring to fig. 1, the present invention provides a technical solution: an internet asset exposure information investigation method comprises the following steps:
s1, confirming known clue information;
s2, obtaining a domain name and an Ip list of an enterprise through an association algorithm;
s3, detecting the domain name and the IP obtained in the S2 by using an asset detection tool;
and S4, analyzing the opened port, protocol and component application of the asset.
In this embodiment, the known clues of S1 preferably include an enterprise domain name, an IP, and an enterprise information keyword.
In this embodiment, preferably, the association algorithm in S2 includes a certificate, sub domain blasting, flow analysis, ICP information, domain registration information, enterprise name, app, and wechat applet.
In this embodiment, preferably, the S1 further includes an asset identification, where the asset identification is used to identify the asset information, and after the asset information is identified, the asset information is determined.
In this embodiment, preferably, the asset identification includes dynamic calculation of data and persistence of the data, the dynamic calculation of the data is used for dynamically calculating the data, and when the information changes, the asset information changes.
In this embodiment, preferably, the S3 further includes an internet asset combing task, where the internet asset combing task is composed of a port scan foeye, an asset association algorithm focii, and a security technician analysis.
In this embodiment, preferably, the internet asset combing work specifically includes: through Foeye active detection scanning, four recommendation algorithms/keyword retrieval and safety personnel, a third-party tool is combined with attack and defense experience to investigate unregistered and unknown assets of an enterprise on the Internet side, and support the change of any information of related working assets such as an enterprise convergence Internet application asset exposure surface and the like, the calculation of asset change information is triggered, or the calculation of asset change information is triggered in the information display process, each time the asset information changes, a certain previous batch of assets are searched according to a main key or related information of the assets, the two times of information are taken to compare corresponding fields, and the generated difference information is stored or displayed.
In this embodiment, preferably, after the triggering of the calculation of the asset transition information, the method further includes executing a related code, where the specific step of executing the related code is:
step one, obtaining the asset information modified this time;
step two, according to the related information of the assets, searching the related asset information of a certain previous batch;
comparing the fields according to the corresponding information to find change information, and identifying the increase, decrease and change of the change information, wherein the change information comprises fields, batches, tasks, time and the like;
and step four, displaying or storing the change information.
In this embodiment, preferably, after S4, an alarm module is further included, where the alarm module includes an audible and visual alarm, and the audible and visual alarm is used to generate an audible and visual alarm when asset information changes, so as to prompt a subordinate unit to report in time, thereby reducing the risk of untimely processing or processing omission.
Example 3
Referring to fig. 1, the present invention provides a technical solution: an internet asset exposure information investigation method comprises the following steps:
s1, confirming known clue information;
s2, obtaining a domain name and an Ip list of an enterprise through an association algorithm;
s3, detecting the domain name and the IP obtained in the S2 by using an asset detection tool;
and S4, analyzing the opened port, protocol and component application of the asset.
In this embodiment, the known clues of S1 preferably include an enterprise domain name, an IP, and an enterprise information keyword.
In this embodiment, preferably, the association algorithm in S2 includes a certificate, sub domain blasting, flow analysis, ICP information, domain registration information, enterprise name, app, and wechat applet.
In this embodiment, preferably, the S1 further includes an asset identification, where the asset identification is used to identify the asset information, and after the asset information is identified, the asset information is determined.
In this embodiment, preferably, the asset identification includes dynamic calculation of data and persistence of the data, the dynamic calculation of the data is used for dynamically calculating the data, and when the information changes, the asset information changes.
In this embodiment, preferably, the S3 further includes an internet asset combing task, where the internet asset combing task is composed of a port scan foeye, an asset association algorithm focii, and a security technician analysis.
In this embodiment, preferably, the internet asset combing work specifically includes: through Foeye active detection scanning, four recommendation algorithms/keyword retrieval and safety personnel, a third-party tool is combined with attack and defense experience to investigate unregistered and unknown assets of an enterprise on the Internet side, and support the change of any information of related working assets such as an enterprise convergence Internet application asset exposure surface and the like, the calculation of asset change information is triggered, or the calculation of asset change information is triggered in the information display process, each time the asset information changes, a certain previous batch of assets are searched according to a main key or related information of the assets, the two times of information are taken to compare corresponding fields, and the generated difference information is stored or displayed.
In this embodiment, preferably, the step S1 is preceded by establishing an enterprise internet login module, where the enterprise internet login module includes an identity information verification unit, and the identity information verification unit is configured to perform verification login through identity information or verify login through a mobile phone verification code when logging in to the enterprise internet, so as to prevent direct login and increase security due to application of a website address remembering a password.
The working principle and the advantages of the invention are as follows: according to the method, a domain name and an Ip list of an enterprise are obtained through a certificate, sub-domain blasting, flow analysis, ICP (inductively coupled plasma) information, domain name registration information, an enterprise name, app (application program), a WeChat applet and other association algorithms, then an asset detection tool is used for detecting the domain name and the IP, the open port, protocol and component application of the asset are analyzed, and the comprehensive exposure surface investigation is performed on the internet assets of the enterprise, so that the attack surface can be converged, the attack risk is reduced, the internal management of the enterprise is perfected, the report of a monitored unit is reduced, and a foundation is laid for subsequent security risk assessment and monitoring; enterprise internet assets can be comprehensively checked, and more assets can be found out through an association algorithm.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (10)
1. An internet asset exposure information checking method is characterized in that: the method comprises the following steps:
s1, confirming known clue information;
s2, obtaining a domain name and an Ip list of an enterprise through an association algorithm;
s3, detecting the domain name and the IP obtained in the S2 by using an asset detection tool;
and S4, analyzing the opened port, protocol and component application of the asset.
2. The internet asset exposure information investigation method of claim 1, wherein: the known clues of S1 include enterprise domain names, IPs, and enterprise information keywords.
3. The internet asset exposure information investigation method of claim 1, wherein: the correlation algorithm in S2 includes certificate, sub domain blasting, traffic analysis, ICP information, domain registration information, business name, app, and wechat applet.
4. The internet asset exposure information investigation method of claim 1, wherein: the S1 further includes an asset identification for identifying the asset information, and determining the asset information after identifying the asset information.
5. The internet asset exposure information investigation method of claim 4, wherein: the asset identification comprises dynamic calculation of data and persistence of the data, the dynamic calculation of the data is used for dynamically calculating the data, and when the information changes, the asset information changes.
6. The internet asset exposure information investigation method of claim 1, wherein: the S3 further includes internet asset combing work, which is composed of port scan foeye, asset association algorithm focii, and security technician analysis.
7. The internet asset exposure information investigation method of claim 6, wherein: the Internet asset combing work specifically comprises the following steps: through Foeye active detection scanning, four recommendation algorithms/keyword retrieval and safety personnel, a third-party tool is combined with attack and defense experience to investigate unregistered and unknown assets of an enterprise on the Internet side, when any information of related working assets supporting the enterprise convergence Internet application asset exposure surface changes, asset change information calculation is triggered, or when the information is displayed, the asset change information calculation is triggered, each time the asset information changes, a certain previous batch of assets are searched according to a main key or related information of the assets, the two times of information are taken to compare corresponding fields, and the generated difference information is stored or displayed.
8. The internet asset exposure information checking method according to claim 7, wherein: after the triggering of the calculation of the asset transition information, the method further comprises executing related codes, wherein the specific steps of executing the related codes are as follows:
step one, obtaining the asset information modified this time;
step two, according to the related information of the assets, searching the related asset information of a certain previous batch;
comparing the fields according to the corresponding information to find change information, and identifying the increase, decrease and change of the change information, wherein the change information comprises fields, batches, tasks, time and the like;
and step four, displaying or storing the change information.
9. The internet asset exposure information investigation method of claim 1, wherein: before S1, an enterprise internet login module is established, where the enterprise internet login module includes an identity information verification unit, and the identity information verification unit is configured to perform verification login through identity information or verify login through a mobile phone verification code when logging in to the enterprise internet.
10. The internet asset exposure information investigation method of claim 1, wherein: and the alarm module is also established after the S4, and comprises an audible and visual alarm which is used for generating audible and visual alarm when the asset information changes.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110252040.5A CN112926942A (en) | 2021-03-08 | 2021-03-08 | Internet asset exposure information checking method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110252040.5A CN112926942A (en) | 2021-03-08 | 2021-03-08 | Internet asset exposure information checking method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112926942A true CN112926942A (en) | 2021-06-08 |
Family
ID=76171915
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110252040.5A Pending CN112926942A (en) | 2021-03-08 | 2021-03-08 | Internet asset exposure information checking method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112926942A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113364879A (en) * | 2021-06-18 | 2021-09-07 | 南京智斯特科技有限公司 | Multi-level asset online auction information transfer system and method based on big data |
CN113472775A (en) * | 2021-06-29 | 2021-10-01 | 深信服科技股份有限公司 | Exposed surface determining method and system and storage medium |
CN113992628A (en) * | 2021-12-30 | 2022-01-28 | 北京华云安信息技术有限公司 | Domain name blasting test method, device, equipment and computer readable storage medium |
CN114884831A (en) * | 2022-07-11 | 2022-08-09 | 中国人民解放军国防科技大学 | Network asset ordering method and device for network space mapping system |
CN115242463A (en) * | 2022-06-30 | 2022-10-25 | 北京华顺信安科技有限公司 | Network asset dynamic change monitoring method and system and computer equipment |
CN115348197A (en) * | 2022-06-10 | 2022-11-15 | 国网思极网安科技(北京)有限公司 | Network asset detection method and device, electronic equipment and storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107733699A (en) * | 2017-09-28 | 2018-02-23 | 深信服科技股份有限公司 | Internet assets security management method, system, equipment and readable storage medium storing program for executing |
US20190199688A1 (en) * | 2017-12-26 | 2019-06-27 | Qadium, Inc. | Autonomous alerting based on defined categorizations for network space and network boundary changes |
CN111818024A (en) * | 2020-06-23 | 2020-10-23 | 广州锦行网络科技有限公司 | Network asset information collecting and monitoring system |
CN112003857A (en) * | 2020-08-20 | 2020-11-27 | 深信服科技股份有限公司 | Network asset collecting method, device, equipment and storage medium |
CN112217817A (en) * | 2020-10-10 | 2021-01-12 | 杭州安恒信息技术股份有限公司 | Network asset risk monitoring method and device and related equipment |
CN112380539A (en) * | 2020-11-11 | 2021-02-19 | 小安(北京)科技有限公司 | Vulnerability security assessment method, device and system based on enterprise asset correlation analysis |
-
2021
- 2021-03-08 CN CN202110252040.5A patent/CN112926942A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107733699A (en) * | 2017-09-28 | 2018-02-23 | 深信服科技股份有限公司 | Internet assets security management method, system, equipment and readable storage medium storing program for executing |
US20190199688A1 (en) * | 2017-12-26 | 2019-06-27 | Qadium, Inc. | Autonomous alerting based on defined categorizations for network space and network boundary changes |
CN111818024A (en) * | 2020-06-23 | 2020-10-23 | 广州锦行网络科技有限公司 | Network asset information collecting and monitoring system |
CN112003857A (en) * | 2020-08-20 | 2020-11-27 | 深信服科技股份有限公司 | Network asset collecting method, device, equipment and storage medium |
CN112217817A (en) * | 2020-10-10 | 2021-01-12 | 杭州安恒信息技术股份有限公司 | Network asset risk monitoring method and device and related equipment |
CN112380539A (en) * | 2020-11-11 | 2021-02-19 | 小安(北京)科技有限公司 | Vulnerability security assessment method, device and system based on enterprise asset correlation analysis |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113364879A (en) * | 2021-06-18 | 2021-09-07 | 南京智斯特科技有限公司 | Multi-level asset online auction information transfer system and method based on big data |
CN113472775A (en) * | 2021-06-29 | 2021-10-01 | 深信服科技股份有限公司 | Exposed surface determining method and system and storage medium |
CN113992628A (en) * | 2021-12-30 | 2022-01-28 | 北京华云安信息技术有限公司 | Domain name blasting test method, device, equipment and computer readable storage medium |
CN115348197A (en) * | 2022-06-10 | 2022-11-15 | 国网思极网安科技(北京)有限公司 | Network asset detection method and device, electronic equipment and storage medium |
CN115242463A (en) * | 2022-06-30 | 2022-10-25 | 北京华顺信安科技有限公司 | Network asset dynamic change monitoring method and system and computer equipment |
CN114884831A (en) * | 2022-07-11 | 2022-08-09 | 中国人民解放军国防科技大学 | Network asset ordering method and device for network space mapping system |
CN114884831B (en) * | 2022-07-11 | 2022-09-09 | 中国人民解放军国防科技大学 | Network asset ordering method and device for network space mapping system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112926942A (en) | Internet asset exposure information checking method | |
US10659482B2 (en) | Robotic process automation resource insulation system | |
CN113542279B (en) | Network security risk assessment method, system and device | |
CN105009132A (en) | Event correlation based on confidence factor | |
CN111865925A (en) | Network traffic based fraud group identification method, controller and medium | |
WO2020244307A1 (en) | Vulnerability detection method and apparatus | |
CN110493181B (en) | User behavior detection method and device, computer equipment and storage medium | |
TWI734466B (en) | Risk assessment method and device for leakage of privacy data | |
CN113392409B (en) | Risk automated assessment and prediction method and terminal | |
US20080283593A1 (en) | Compromised Account Detection | |
CN111259399B (en) | Method and system for dynamically detecting vulnerability attacks for web applications | |
KR102230441B1 (en) | Method, Device and program for generating security action report based on the results of the security vulnerability assessment | |
CN116842531B (en) | Code vaccine-based vulnerability real-time verification method, device, equipment and medium | |
CN115314276B (en) | Security check management system, method and terminal equipment | |
CN109684863B (en) | Data leakage prevention method, device, equipment and storage medium | |
EP3172692A1 (en) | Remedial action for release of threat data | |
CN112688971B (en) | Function-damaged network security threat identification device and information system | |
Thangavelu et al. | Comprehensive Information Security Awareness (CISA) in Security Incident Management (SIM): A Conceptualization. | |
KR102304237B1 (en) | compliance management system through automatic diagnosis of infrastructure asset threat and method therefor | |
CN113761536B (en) | Safety detection method and system based on business logic | |
CN113824736A (en) | Asset risk handling method, device, equipment and storage medium | |
CN113468542A (en) | Exposed surface asset risk assessment method, device, equipment and medium | |
Khorev et al. | Assessing Information Risks When Using Web Applications Using Fuzzy Logic | |
CN117195273B (en) | Data leakage detection method and device based on time sequence data anomaly detection | |
CN115361240B (en) | Vulnerability determination method and device, computer equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |