CN114036529A - Vulnerability scanning method and device and computer equipment - Google Patents
Vulnerability scanning method and device and computer equipment Download PDFInfo
- Publication number
- CN114036529A CN114036529A CN202111335180.5A CN202111335180A CN114036529A CN 114036529 A CN114036529 A CN 114036529A CN 202111335180 A CN202111335180 A CN 202111335180A CN 114036529 A CN114036529 A CN 114036529A
- Authority
- CN
- China
- Prior art keywords
- scanning
- vulnerability
- target
- determining
- scanned
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The embodiment of the invention discloses a vulnerability scanning method, a vulnerability scanning device and computer equipment, wherein the vulnerability scanning method comprises the following steps: receiving a vulnerability scanning request, wherein the vulnerability scanning request carries object information of a first scanning object to be processed; analyzing the object information of the first scanning object in the vulnerability scanning request; determining a target scanning object to be scanned according to the object information of the first scanning object; and carrying out vulnerability scanning on the target scanning object. Compared with the prior art, the target scanning object can be accurately scanned, so that the scanning time of vulnerability scanning can be shortened and the effectiveness of vulnerability scanning is improved under the condition of ensuring the system security, thereby improving the efficiency of vulnerability scanning.
Description
Technical Field
The present invention relates to computer technologies, and in particular, to a vulnerability scanning method and apparatus, a computer device, and a storage medium.
Background
With the development of network technology, the problem of network security becomes more important, and vulnerability scanning technology, as an important network security technology, can improve the security of the network and discover potential security problems in the network. In the related art, after receiving a scanning request of vulnerability scanning, a computer device scans all processes of a network in sequence, however, the scanning mode is not beneficial to rapidly finding out security vulnerabilities of the network, so that the vulnerability scanning efficiency is low, the scanning effect is poor, and the like. In view of this, how to improve the effectiveness and efficiency of vulnerability scanning on the premise of ensuring the security of the network becomes a technical problem that needs to be solved urgently.
Disclosure of Invention
In order to solve the existing technical problem, embodiments of the present invention provide a vulnerability scanning method, apparatus, computer device, and computer storage medium.
In order to achieve the above purpose, the technical solution of the embodiment of the present invention is realized as follows:
the embodiment of the invention provides a vulnerability scanning method, which comprises the following steps:
receiving a vulnerability scanning request, wherein the vulnerability scanning request carries object information of a first scanning object to be processed;
analyzing the object information of the first scanning object in the vulnerability scanning request;
determining a target scanning object to be scanned according to the object information of the first scanning object;
and carrying out vulnerability scanning on the target scanning object.
Preferably, the object information of the first scanning object includes: a scan object identification of the first scan object;
the determining a target scanning object to be scanned according to the object information of the first scanning object includes:
and determining a target scanning object to be scanned according to the scanning object identification of the first scanning object.
Preferably, the determining a target scanning object to be scanned according to the scanning object identifier of the first scanning object includes:
and selecting the first scanning identification matched with the scanning identification of a second scanning object in a vulnerability scanning database according to the scanning object identification of the first scanning object, and determining the first scanning identification as the target scanning object, wherein the vulnerability scanning database stores the second scanning object determined according to the vulnerability risk coefficient and the object identification of the second scanning object.
Preferably, the object information of the first scan object includes: historical scan information of the first scanned object;
the determining a target scanning object to be scanned according to the object information of the first scanning object includes:
and determining a target scanning object to be scanned according to the historical scanning information of the first scanning object.
Preferably, the determining a target scanning object to be scanned according to the historical scanning information of the first scanning object includes:
and determining a target scanning object to be scanned according to at least one of the historical scanning times, the historical scanning frequency and the scanning results of the historical scanning of the first scanning object.
Preferably, the object information of the first scanning object includes: task state information of the first scanning object;
the determining a target scanning object to be scanned according to the object information of the first scanning object includes:
and determining a target scanning object to be scanned according to the task state information of the first scanning object.
Preferably, determining a target scanning object to be scanned according to the task state information of the first scanning object includes:
and determining a third scanning object which indicates to be operated and/or a fourth scanning object which indicates to be operated in the task state information of the first scanning object as the target scanning object to be scanned.
The embodiment of the invention also provides a vulnerability scanning device, which comprises:
the system comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving a vulnerability scanning request, and the vulnerability scanning request carries object information of a first scanning object to be processed;
the analysis module is used for analyzing the object information of the first scanning object in the vulnerability scanning request;
the determining module is used for determining a target scanning object to be scanned according to the object information of the first scanning object;
and the scanning module is used for carrying out vulnerability scanning on the target scanning object.
An embodiment of the present invention further provides a computer device, including: a processor and a memory for storing a computer program capable of running on the processor, wherein the processor is configured to implement the vulnerability scanning method as described above when the computer program is run.
The embodiment of the invention also provides a computer storage medium, which stores an executable program, and when the executable program is executed by a processor, the vulnerability scanning method is realized.
The vulnerability scanning method, the vulnerability scanning device, the computer equipment and the computing storage medium provided by the embodiment receive a vulnerability scanning request, wherein the vulnerability scanning request carries object information of a first scanning object to be processed; analyzing object information of a first scanning object in the vulnerability scanning request; determining a target scanning object to be scanned according to the object information of the first scanning object; and finally, only carrying out vulnerability scanning on the target scanning object. Therefore, compared with the related art that all the scanning objects in the vulnerability scanning request need to be scanned, because the embodiment of the invention performs the brushing selection on all the first scanning objects in the vulnerability scanning request, namely, the target scanning object to be finally scanned is determined according to the object information of the first scanning object analyzed in the vulnerability scanning request, and finally, only the target scanning object needs to be subjected to vulnerability scanning, so that the phenomenon of invalid scanning of unnecessary scanning objects can be reduced, and the phenomenon of pause caused by overlong queuing time or excessive queuing tasks of the scanning objects needing to be scanned due to the fact that the unnecessary scanning objects need to be scanned are scanned is reduced, so that the effectiveness of vulnerability scanning is improved, and the efficiency of vulnerability scanning is further improved.
Drawings
Fig. 1 is a schematic flowchart of a vulnerability scanning method according to an embodiment of the present invention;
fig. 2 is a schematic functional structure diagram of a vulnerability scanning apparatus according to an embodiment of the present invention;
fig. 3 is a schematic hardware structure diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
The vulnerability scanning method provided by the embodiment of the invention can be applied to the field of vulnerability scanning of computer networks or software. The vulnerability scanning method is executed by a computer device. It should be noted that, the computer device herein refers to any device having a computing processing function, including but not limited to a fixed terminal device or a mobile terminal device. The fixed terminal device may include, but is not limited to, a desktop computer or a computer device, and the mobile terminal device may include, but is not limited to, a mobile phone, a tablet computer, a wearable device or a notebook computer.
The technical scheme of the invention is further elaborated by combining the drawings and the specific embodiments in the specification.
An embodiment of the present invention provides a vulnerability scanning method, which is executed by a computer device, and fig. 1 is a schematic flow chart of the vulnerability scanning method provided in an embodiment of the present invention, as shown in fig. 1, the method includes the following steps:
step 11: receiving a vulnerability scanning request, wherein the vulnerability scanning request carries object information of a first scanning object to be processed;
step 12: analyzing the object information of the first scanning object in the vulnerability scanning request;
step 13: determining a target scanning object to be scanned according to the object information of the first scanning object;
step 14: and carrying out vulnerability scanning on the target scanning object.
In some embodiments, the step 11 of receiving the vulnerability scanning request may be a vulnerability scanning request initiated by the computer device itself based on a specific trigger condition. For example, the specific trigger condition may be power-on, or starting a specific application program, or starting a timing scanning program, or the like.
In other embodiments, the step 11 of receiving the vulnerability scanning request may also be sent by another device communicatively connected to the computer device itself. Illustratively, the wearable mobile phone receives a vulnerability scanning request of the mobile phone bound with the wearable mobile phone.
It should be noted that the scanning object includes, but is not limited to, a website, an application, or a process to be scanned in the vulnerability scanning process. The object information of the scanned object includes, but is not limited to, a domain name, an IP address, a process port, a URL (Uniform Resource locator), a CGI (common Gateway Interface), and the like used by a website, an application, or a process to be scanned. The scanning object to be scanned can be uniquely positioned according to the object information of the scanning object.
In the related art, after receiving a vulnerability scanning request, a computer device scans all first scanning objects to be processed carried in the vulnerability scanning request, so that it is obvious that some unnecessary scanning objects are also scanned, for example, some scanning objects with low security risk themselves are scanned, which results in invalidation of vulnerability scanning, and meanwhile, because some scanning objects with low security risk themselves occupy a scanning queue, scanning untimely property of vulnerability scanning which is really needed is also caused, and scanning efficiency is low, thereby being not beneficial to the security problem of the computer device in the period.
Based on this, in the embodiment of the present invention, the target scanning object to be scanned is determined according to the object information of the first scanning object, and only the target scanning object is subjected to vulnerability scanning. Compared with the related art, when all the scanning objects in the vulnerability scanning request need to be scanned, because the embodiment of the invention can perform the brushing selection on all the first scanning objects in the vulnerability scanning request, namely, the target scanning object to be scanned finally can be determined according to the object information of the first scanning object analyzed in the vulnerability scanning request, and finally, only the target scanning object needs to be subjected to vulnerability scanning, so that the phenomenon of invalid scanning of unnecessary scanning objects can be reduced, and the phenomenon of pause caused by overlong queuing time or excessive queuing tasks of the scanning objects needing to be scanned due to the fact that the unnecessary scanning objects need to be scanned are scanned can be reduced, thereby improving the effectiveness of vulnerability scanning and further improving the efficiency of vulnerability scanning.
In some exemplary embodiments, the object information of the first scanning object includes: a scan object identification of the first scan object;
the step 13, namely, determining the target scanning object to be scanned according to the object information of the first scanning object, includes:
and determining a target scanning object to be scanned according to the scanning object identification of the first scanning object.
It is to be understood that the scan object identification is for uniquely identifying the scan object. Illustratively, the first scanning object is a website, and the scanning object identifier of the first scanning object may be an IP address or URL for identifying the website. Illustratively, the first scan object is an application, and the object identification of the first scan jucon may be an application name or an application ID, etc. for identifying the application. Illustratively, the first scan object is a process, and the object identification of the first scan object may be a process name or a process ID for identifying the process, or the like.
Of course, in other embodiments, the object identifier of the first scanned object may be replaced by letters or numbers or a combination of letters or numbers, so as to facilitate reading by the computer system. In summary, any identifier that can be used to identify different first scan objects falls within the scope of the scan object identifiers described in the embodiments of the present invention.
In some exemplary embodiments, the determining a target scanning object to be scanned according to the scanning object identifier of the first scanning object includes:
and selecting the first scanning identification matched with the scanning identification of a second scanning object in a vulnerability scanning database according to the scanning object identification of the first scanning object, and determining the first scanning identification as the target scanning object, wherein the vulnerability scanning database stores the object identifications of the second scanning object and the second scanning object determined according to vulnerability risk coefficients.
It will be appreciated that the vulnerability scanning database may be a database stored locally on the computer device. For example, the vulnerability scanning database may be established from historical vulnerability scanning records of the computer device. In other embodiments, the vulnerability scanning database can also be stored in the cloud, so that the computer device does not need to store the vulnerability scanning database, and the storage space is saved; and the data in the vulnerability scanning database stored on the cloud side can be updated in time based on the cloud big data, so that the vulnerability scanning database can be more accurately provided with a target scanning object to be scanned.
For example, the determining, according to the vulnerability risk coefficient, the object identifiers of the second scanned object and the second scanned object may include: and determining the object identifiers of the second scanning object and the second scanning object with the vulnerability risk coefficient larger than a risk coefficient threshold value according to the vulnerability risk coefficient. Therefore, in the embodiment, the computer device only scans the scanning objects with the vulnerability risk coefficients larger than the risk coefficient threshold value, so that unnecessary scanning is reduced, and the effectiveness and the efficiency of scanning are improved.
It should be noted that the risk coefficient threshold may be a risk coefficient that is not affected by the operation of the computer device according to big data statistics; or may be a risk factor that the computer itself can bear. It will be appreciated that different computer devices may have different risk factor thresholds.
In other embodiments, the determining the object identifiers of the second scanned object and the second scanned object according to the vulnerability risk coefficient may include: and according to the vulnerability risk coefficient, determining a second scanning object with the vulnerability risk coefficient ranking before a preset ranking number and the object identifier of the second scanning object. Therefore, in the embodiment, the computer device only scans the scanning objects with the vulnerability risk coefficients in the preset ranks, so that unnecessary scanning is reduced, and the effectiveness and the efficiency of scanning are improved.
It should be noted that the preset ranking number may be determined according to the current operating condition of the computer device. The preset ranking number may be set larger if the current operating conditions of the computer device indicate that the computer system resources are sufficient, and may be set smaller if the current operating conditions of the computer device indicate that the computer system resources are insufficient.
In the above embodiment, the target scanning object to be scanned is determined by the scanning object identifier of the first scanning object, and the target scanning object to be scanned can be determined simply, conveniently and quickly.
In some exemplary embodiments, the object information of the first scanning object includes: historical scan information of the first scanned object;
the step 13, namely, determining the target scanning object to be scanned according to the object information of the first scanning object, includes:
and determining a target scanning object to be scanned according to the historical scanning information of the first scanning object.
Illustratively, the historical scanning information includes at least one of a security factor evaluated during the historical scanning, an average number of scanning holes during the historical scanning, and the number of times of the historical scanning. In summary, the historical scan information can reflect whether the first scan object has a necessity to be scanned. For example, the historical scanning information of the scanning object a indicates that the historical scanning times are greater than the historical scanning times threshold, the safety factor evaluated in the historical scanning is greater than the preset safety times, and the average number of scanned bugs in the historical scanning is greater than the number threshold, which indicates that the first scanning object is necessary to be scanned.
In some exemplary embodiments, the determining a target scanning object to be scanned according to the historical scanning information of the first scanning object includes: and determining a target scanning object to be scanned according to at least one of the historical scanning times, the historical scanning frequency and the scanning results of the historical scanning of the first scanning object.
For example, the scanning result of the historical scanning of the first scanning object may be the safety factor evaluated during the historical scanning, the average number of scanned bugs, and the like.
In this embodiment, through the historical scanning information of the first scanning object, whether the first scanning object is necessary to be scanned can be reflected from the side surface, and only the scanning object which is necessary to be scanned is scanned, so that the scanning of unnecessary scanning objects can be reduced, and the effectiveness of scanning and the efficiency of scanning are improved.
In some exemplary embodiments, the object information of the first scanning object includes: task state information of the first scanning object;
the determining a target scanning object to be scanned according to the object information of the first scanning object includes:
and determining a target scanning object to be scanned according to the task state information of the first scanning object.
Illustratively, the task state information includes, but is not limited to: the operation condition and the operation time of the first scanning object, etc. For example, the running condition of the first scanning object may be a running queue condition of the first scanning object, for example, the running is started only when the first scanning object is ranked in the order of several digits; the run time of the first scan object may be the time at which the first scan object is running or the time at which the run is predicted. It should be noted that the predicted operation time of the first scanning object can be determined according to the usage habit of the computer device. For example, the running time of the stapling software can be predicted according to the fact that the computer device runs the stapling software at nine points every day and the like.
In some exemplary embodiments, the determining a target scanning object to be scanned according to the task state information of the first scanning object includes:
and determining a third scanning object which indicates to be operated and/or a fourth scanning object which indicates to be operated in the state information of the first scanning object as the target scanning object to be scanned.
In this embodiment, by only performing vulnerability scanning on the scanning object in operation or the scanning object to be operated, unnecessary scanning of the scanning object can be reduced, and the effectiveness and efficiency of scanning can be improved.
As shown in fig. 2, an embodiment of the present invention further provides a vulnerability scanning apparatus 2, where the apparatus includes:
a receiving module 21, configured to receive a vulnerability scanning request, where the vulnerability scanning request carries object information of a first scanning object to be processed;
the analysis module 22 is configured to analyze object information of the first scanning object in the vulnerability scanning request;
a determining module 23, configured to determine a target scanning object to be scanned according to the object information of the first scanning object;
and the scanning module 24 is configured to perform vulnerability scanning on the target scanning object.
In some embodiments, the object information of the first scanned object includes: a scan object identification of the first scan object;
the determining module 23 is further configured to:
and determining a target scanning object to be scanned according to the scanning object identification of the first scanning object.
In some embodiments, the determining module 23 is specifically configured to:
and selecting the first scanning identification matched with the scanning identification of a second scanning object in a vulnerability scanning database according to the scanning object identification of the first scanning object, and determining the first scanning identification as the target scanning object, wherein the vulnerability scanning database stores the object identifications of the second scanning object and the second scanning object determined according to vulnerability risk coefficients.
In some embodiments, the object information of the first scan object comprises: historical scan information of the first scanned object;
the determining module 23 is further configured to:
and determining a target scanning object to be scanned according to the historical scanning information of the first scanning object.
In some embodiments, the determining module 23 is further configured to:
and determining a target scanning object to be scanned according to at least one of the historical scanning times, the historical scanning frequency and the scanning results of the historical scanning of the first scanning object.
In some embodiments, the object information of the first scanned object includes: task state information of the first scanning object;
the determining module 23 is further configured to:
and determining a target scanning object to be scanned according to the task state information of the first scanning object.
In some embodiments, the determining module 23 is further configured to:
and determining a third scanning object which indicates to be operated and/or a fourth scanning object which indicates to be operated in the task state information of the first scanning object as the target scanning object to be scanned.
Here, it should be noted that: the description of the information processing device item is similar to the description of the generation method item of the cost decomposition structure of the nuclear power plant project, and the description of the beneficial effect of the method is not repeated. For technical details that are not disclosed in the embodiment of the information processing apparatus of the present invention, please refer to the description of the embodiment of the vulnerability scanning method of the present invention.
As shown in fig. 3, embodiments of the present invention also provide a computer device comprising a memory 32, a processor 31, and computer instructions stored on the memory 32 and executable on the processor 31; the processor 31 implements the steps applied to the vulnerability scanning method when executing the instructions.
In some embodiments, memory 32 in embodiments of the present invention may be either volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The non-volatile Memory may be a Read-Only Memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), an Electrically Erasable PROM (EEPROM), or a flash Memory. Volatile Memory can be Random Access Memory (RAM), which acts as external cache Memory. By way of illustration and not limitation, many forms of RAM are available, such as Static random access memory (Static RAM, SRAM), Dynamic Random Access Memory (DRAM), Synchronous Dynamic random access memory (Synchronous DRAM, SDRAM), Double Data Rate Synchronous Dynamic random access memory (ddr Data Rate SDRAM, ddr SDRAM), Enhanced Synchronous SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The memory 32 of the systems and methods described herein is intended to comprise, without being limited to, these and any other suitable types of memory.
And the processor 31 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 31. The Processor 31 may be a general-purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, or discrete hardware components. The various methods, steps and logic blocks disclosed in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in the memory 32, and the processor 31 reads the information in the memory 32 and completes the steps of the method in combination with the hardware.
In some embodiments, the embodiments described herein may be implemented in hardware, software, firmware, middleware, microcode, or a combination thereof. For a hardware implementation, the Processing units may be implemented within one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), general purpose processors, controllers, micro-controllers, microprocessors, other electronic units configured to perform the functions described herein, or a combination thereof.
For a software implementation, the techniques described herein may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described herein. The software codes may be stored in a memory and executed by a processor. The memory may be implemented within the processor or external to the processor.
Yet another embodiment of the present invention provides a computer storage medium having stored thereon an executable program which, when executed by a processor 31, may perform the steps of the method for generating a cost-resolved structure for a nuclear power plant project. For example, as one or more of the methods shown in fig. 1.
In some embodiments, the computer storage medium may include: a U-disk, a removable hard disk, a Read Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
It should be noted that: the technical schemes described in the embodiments of the present invention can be combined arbitrarily without conflict.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (10)
1. A vulnerability scanning method, the method comprising:
receiving a vulnerability scanning request, wherein the vulnerability scanning request carries object information of a first scanning object to be processed;
analyzing the object information of the first scanning object in the vulnerability scanning request;
determining a target scanning object to be scanned according to the object information of the first scanning object;
and carrying out vulnerability scanning on the target scanning object.
2. The method of claim 1, wherein the object information of the first scanned object comprises: a scan object identification of the first scan object;
the determining a target scanning object to be scanned according to the object information of the first scanning object includes:
and determining a target scanning object to be scanned according to the scanning object identification of the first scanning object.
3. The method according to claim 2, wherein determining a target scan object to be scanned according to the scan object identifier of the first scan object comprises:
and selecting the first scanning identification matched with the scanning identification of a second scanning object in a vulnerability scanning database according to the scanning object identification of the first scanning object, and determining the first scanning identification as the target scanning object, wherein the vulnerability scanning database stores the object identifications of the second scanning object and the second scanning object determined according to vulnerability risk coefficients.
4. The method of claim 1, wherein the object information of the first scanned object comprises: historical scan information of the first scanned object;
the determining a target scanning object to be scanned according to the object information of the first scanning object includes:
and determining a target scanning object to be scanned according to the historical scanning information of the first scanning object.
5. The method of claim 4, wherein determining a target scan object to be scanned from historical scan information of the first scan object comprises:
and determining a target scanning object to be scanned according to at least one of the historical scanning times, the historical scanning frequency and the scanning results of the historical scanning of the first scanning object.
6. The method of claim 1, wherein the object information of the first scanned object comprises: task state information of the first scanning object;
the determining a target scanning object to be scanned according to the object information of the first scanning object includes:
and determining a target scanning object to be scanned according to the task state information of the first scanning object.
7. The method according to claim 6, wherein the determining a target scanning object to be scanned according to the task state information of the first scanning object comprises:
and determining a third scanning object which indicates to be operated and/or a fourth scanning object which indicates to be operated in the task state information of the first scanning object as the target scanning object to be scanned.
8. A vulnerability scanning apparatus, the apparatus comprising:
the system comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving a vulnerability scanning request, and the vulnerability scanning request carries object information of a first scanning object to be processed;
the analysis module is used for analyzing the object information of the first scanning object in the vulnerability scanning request;
the determining module is used for determining a target scanning object to be scanned according to the object information of the first scanning object;
and the scanning module is used for carrying out vulnerability scanning on the target scanning object.
9. A computer device, comprising: a processor and a memory for storing a computer program operable on the processor, wherein the processor is configured to implement the vulnerability scanning method of any of claims 1-7 when the computer program is executed.
10. A computer storage medium storing an executable program which, when executed by a processor, implements the vulnerability scanning method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111335180.5A CN114036529A (en) | 2021-11-11 | 2021-11-11 | Vulnerability scanning method and device and computer equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111335180.5A CN114036529A (en) | 2021-11-11 | 2021-11-11 | Vulnerability scanning method and device and computer equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114036529A true CN114036529A (en) | 2022-02-11 |
Family
ID=80137332
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111335180.5A Pending CN114036529A (en) | 2021-11-11 | 2021-11-11 | Vulnerability scanning method and device and computer equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114036529A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116382755A (en) * | 2023-05-30 | 2023-07-04 | 北京太极信息系统技术有限公司 | Domestic operating system patch upgrading method based on vulnerability protection |
| CN117318988A (en) * | 2023-08-24 | 2023-12-29 | 智感无限(深圳)科技有限公司 | Automatic scanning early warning management system for network security vulnerabilities based on big data |
-
2021
- 2021-11-11 CN CN202111335180.5A patent/CN114036529A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116382755A (en) * | 2023-05-30 | 2023-07-04 | 北京太极信息系统技术有限公司 | Domestic operating system patch upgrading method based on vulnerability protection |
| CN117318988A (en) * | 2023-08-24 | 2023-12-29 | 智感无限(深圳)科技有限公司 | Automatic scanning early warning management system for network security vulnerabilities based on big data |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108063759B (en) | Web vulnerability scanning method | |
| CN114036529A (en) | Vulnerability scanning method and device and computer equipment | |
| US11422827B2 (en) | Method, device, apparatus for identifying graphics card of GPU server and medium | |
| US20180082061A1 (en) | Scanning device, cloud management device, method and system for checking and killing malicious programs | |
| CN113240258A (en) | Industrial asset detection method, equipment and device | |
| US20190087208A1 (en) | Method and apparatus for loading elf file of linux system in windows system | |
| CN111104664A (en) | Risk identification method of electronic equipment and server | |
| CN111415158A (en) | Wind control method and system based on block chain | |
| CN107231364B (en) | Website vulnerability detection method and device, computer device and storage medium | |
| CN111338864B (en) | Memory problem detection method, device, computer equipment and storage medium | |
| CN111191235B (en) | Suspicious file analysis method, suspicious file analysis device and computer readable storage medium | |
| CN116545702A (en) | Network security protection method and related equipment | |
| CN112395594B (en) | Method, device and equipment for processing instruction execution sequence | |
| CN111367750B (en) | Exception handling method, device and equipment thereof | |
| CN108234342B (en) | Nginx dynamic active current limiting method and system based on equipment fingerprint | |
| CN110837397A (en) | Method, device and equipment for configuring browser plug-in | |
| US20180278695A1 (en) | Network access method and apparatus for speech recognition service based on artificial intelligence | |
| CN112580038A (en) | Anti-virus data processing method, device and equipment | |
| JPWO2020065778A1 (en) | Information processing equipment, control methods, and programs | |
| CN114567573B (en) | Abnormal data positioning method, device, server and storage medium | |
| CN113347203B (en) | Network attack detection method and device, electronic equipment and storage medium | |
| CN112637830B (en) | Terminal retrieving method and device and network equipment | |
| CN108664293B (en) | Application control method and device in android system | |
| CN113961942A (en) | Vulnerability verification method and device based on fingerprint identification | |
| CN114268489A (en) | Network security protection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |