CN114189349A - Safety monitoring and early warning platform, safety monitoring and early warning method and storage medium - Google Patents
Safety monitoring and early warning platform, safety monitoring and early warning method and storage medium Download PDFInfo
- Publication number
- CN114189349A CN114189349A CN202111215178.4A CN202111215178A CN114189349A CN 114189349 A CN114189349 A CN 114189349A CN 202111215178 A CN202111215178 A CN 202111215178A CN 114189349 A CN114189349 A CN 114189349A
- Authority
- CN
- China
- Prior art keywords
- mirror image
- tenant
- vulnerability
- data
- monitoring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Abstract
The invention discloses a safety monitoring and early warning platform, a safety monitoring and early warning method and a storage medium, wherein the safety monitoring and early warning platform comprises a mirror image processing unit, is connected with a tenant system and is used for creating a mirror image system related to the tenant system; the protection monitoring unit is connected with the mirror image processing unit and used for detecting the protection loophole of the obtained mirror image system and outputting a corresponding loophole repairing suggestion; and the operation and maintenance monitoring unit is connected with the mirror image processing unit, acquires the network operation and maintenance data of the repaired mirror image system again after the tenant system finishes bug repair, and monitors the network operation and maintenance data in real time to judge whether a security event exists and position and remind the security event. The invention can detect the protection capability and information security of the tenant system, and can ensure the operation stability of the system and avoid the influence of the detection process on the operation of the system.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a security monitoring and early warning platform, a security monitoring and early warning method and a computer readable storage medium.
Background
At the present stage, the cloud security service platform can provide information security management service for the use units. However, the existing cloud security service platform generally only performs security detection on the service information of a cloud service tenant, and cannot detect the protection capability of the original system of the tenant; furthermore, if the cloud security service platform needs to perform information security monitoring, various detection components or detection programs are generally required to be added to the original system, but when the detection components or the detection programs are executed on the tenant original system, the original system may be stuck and even cannot respond, and the safe and stable operation of the original system is directly affected.
Disclosure of Invention
In order to overcome the defects of the prior art, one of the purposes of the present invention is to provide a security monitoring and early warning platform, which can perform protection capability detection and information security detection on a tenant system, and can also ensure the operation stability of the system, thereby avoiding the influence of the detection process on the operation of the system.
The second objective of the present invention is to provide a safety monitoring and early warning method, which is applied to the above safety monitoring and early warning platform.
It is a further object of the present invention to provide a storage medium.
One of the purposes of the invention is realized by adopting the following technical scheme:
a safety monitoring and pre-warning platform, comprising:
the image processing unit is connected with the tenant system and used for creating or updating an image system related to the tenant system;
the protection monitoring unit is connected with the mirror image processing unit and used for detecting the protection loophole of the mirror image system and outputting a corresponding loophole repairing suggestion;
and the operation and maintenance monitoring unit is connected with the mirror image processing unit, acquires the network operation and maintenance data of the mirror image system again after the tenant system finishes bug fixing, and monitors the network operation and maintenance data in real time to judge whether a security event exists and positions and remind the security event.
Further, the mirror image processing unit includes:
the data access module is used for connecting with the tenant terminal through an interface so as to be in butt joint with the tenant system;
the data copying module is used for copying the resource data of the tenant system to generate mirror image data which is completely the same as the resource data;
the system creation module is used for creating a mirror system which is the same as the tenant system framework, and the mirror system comprises a protection mechanism connected with the tenant system;
and the data migration module is used for migrating the mirror image data to a newly-built mirror image system.
Further, the mirror image processing unit further includes:
and the data interception module is used for actively intercepting part or all of data input to the tenant terminal through the interface according to the preset authority and tracking the source of the intercepted data.
Further, the method for the protection monitoring unit to detect the protection vulnerability of the obtained mirror image system comprises the following steps:
utilizing a preset vulnerability attack program to actively invade the mirror image system and detecting the running condition of the mirror image system in real time; and if the mirror image system has abnormal operation when the vulnerability attack program is actively attacked, judging that the tenant system has the protection vulnerability.
Further, when the mirror image system is subjected to abnormal operation after undergoing any one active attack, recording the vulnerability type and the attack path of the current vulnerability attack program; and analyzing the severity of the system abnormality according to the operation log of the mirror image system, carrying out risk rating on the protection vulnerability of the tenant system by combining the vulnerability type, the attack path and the severity of the system abnormality, and generating a corresponding risk evaluation report.
Further, the method for outputting the corresponding bug fix suggestion includes:
and calling a pre-stored vulnerability patch in the database according to the vulnerability type, and sending address information corresponding to the vulnerability patch to the tenant system, so that the tenant system obtains the vulnerability patch after receiving the address information and repairs the vulnerability of the tenant system.
Further, the method for reminding the security event comprises the following steps:
and performing grade analysis on different safety events according to the event types of the safety events, and sequentially reminding the different safety events according to the sequence from high grade to low grade.
Further, the method for reminding the security event further comprises the following steps:
and matching corresponding maintainers for different security events according to the event types of the security events, and pushing the positioning information of the security events to the terminal to which the corresponding maintainers belong.
The second purpose of the invention is realized by adopting the following technical scheme:
a safety monitoring and early warning method is applied to the safety monitoring and early warning platform, and comprises the following steps:
responding to a monitoring requirement initiated by a tenant system, creating a mirror image system identical to the tenant system, and carrying out protection vulnerability detection on the created mirror image system to output a corresponding vulnerability repair suggestion;
and after the tenant system finishes system protection bug repairing, acquiring network operation and maintenance data of the repaired mirror image system, and monitoring the network operation and maintenance data in real time to judge whether a security event exists and position and remind the security event.
The third purpose of the invention is realized by adopting the following technical scheme:
a computer-readable storage medium, on which a computer program is stored, which, when executed, implements the above-described safety monitoring and warning method.
Compared with the prior art, the invention has the beneficial effects that:
the invention establishes a mirror image system related to the tenant system after accessing the tenant system, detects the protection capability and information security of the mirror image system, provides an all-round security system for the tenant system, and meets various security guarantee requirements of the tenant; meanwhile, the protection capability and the information security detection process are carried out in the mirror image system, so that the influence on the original tenant system in the detection process is avoided, and the operation stability of the tenant system is ensured.
Drawings
FIG. 1 is a block diagram of a safety monitoring and early warning platform according to the present invention;
FIG. 2 is a block diagram of a mirror processing unit according to the present invention;
fig. 3 is a schematic flow chart of the safety monitoring and early warning method of the present invention.
Detailed Description
The present invention will be further described with reference to the accompanying drawings and the detailed description, and it should be noted that any combination of the embodiments or technical features described below can be used to form a new embodiment without conflict.
Example one
The embodiment provides a safety monitoring and early warning platform which is mainly built on a cloud server, different cloud tenant terminals are connected with the cloud server, information butt joint of the different cloud tenant terminals and the cloud server can be achieved, and safety monitoring and early warning platforms of the safety monitoring and early warning platform are reused for safety monitoring of tenant systems on the different cloud tenant terminals, so that safety guarantee is provided for the tenant systems.
As shown in fig. 1, the safety monitoring and early warning platform of the embodiment at least includes a mirror image processing unit, a protection monitoring unit, and an operation and maintenance monitoring unit. The mirror image processing unit is used for butting the tenant system, creating a mirror image system related to the tenant system after identifying the tenant system, or updating the mirror image system corresponding to the tenant system again after the tenant system is repaired; the protection monitoring unit is connected with the mirror image processing unit and is used for detecting the protection loophole of the mirror image system after acquiring the mirror image system created by the mirror image processing unit and outputting a corresponding loophole repairing suggestion, which is equivalent to indirectly detecting the protection capability of a tenant system and is convenient for the tenant to repair the system so as to improve the safety of the tenant system; the operation and maintenance monitoring unit is connected with the mirror image processing unit, after the tenant system finishes the repair operation of system protection bugs, the mirror image processing unit obtains the repaired mirror image system after performing the same bug repair on the tenant's mirror image system, reads various network operation and maintenance data in the mirror image system, and then monitors the network operation and maintenance data in real time to judge whether a security event exists and position and remind the security event, so that more comprehensive security guarantee is provided for the tenant system.
As shown in fig. 2, the mirror processing unit in this embodiment includes a data access module, a data copy module, a system creation module, and a data migration module. The data access module is used for being connected with the tenant terminal through an interface to be in butt joint with the tenant system, so that the cloud server can penetrate into the tenant system through the interface and analyze a system framework structure of the tenant system and a protection mechanism set up by the tenant system so as to create a mirror image system related to the tenant system; meanwhile, the cloud server can also obtain various resource data of the tenant system through the interface, wherein the resource data comprises network operation and maintenance data, equipment operation data, service data and the like which are related to the tenant system. After the cloud server of this embodiment is connected to the tenant system through the data access module, the data replication module may replicate and acquire the obtained resource data of the tenant system, and generate mirror image data that is the same as the resource data of the tenant system without affecting the normal operation of the tenant system; the system creation module can create a mirror system which is the same as the tenant system framework while generating mirror data, wherein the mirror system comprises a protection mechanism connected with the tenant system; and then migrating the mirror image data generated by the data copying module to a newly-built mirror image system by using the data migration module, so that no matter the system frame structure, the protection mechanism set up by the system and the resource data on the system on the mirror image system correspond to the tenant system, and executing various safety detections in the mirror image system, thereby avoiding the influence on the operation of the original tenant system in the detection process and ensuring the operation stability of the original tenant system.
In addition, after the cloud server is docked with the tenant system, illegal molecules may invade the tenant system through interface channels of the tenant system and the cloud server, or spread viruses to the tenant system through the interface channels; therefore, the mirror image processing unit of this embodiment further includes a data interception module, where the data interception module is configured to actively intercept, according to a preset permission, part or all of data input to the tenant terminal via the interface, and track a source of the intercepted data; the tenant can preset an interception authority which can limit the data type passing through the interface channel, and when data with authority beyond the authority is transmitted to the tenant system from the cloud server, the data interception module can intercept the data; in addition, the data interception module can also detect the data transmission state of an interface channel between the cloud server and the tenant system in real time, when the data is detected to be transmitted to the tenant system from the cloud server, the data is intercepted and a prompt is sent to the tenant, the intercepted data is transmitted to the tenant system after the tenant makes a confirmation feedback, and therefore the situation that viruses and other illegal data invade the tenant system through the docking interface after the cloud server is docked with the tenant system can be avoided, and the operation stability and the safety of the tenant system are guaranteed.
In this embodiment, after the cloud server is docked with the tenant system and a corresponding mirror system is created, the protection monitoring unit is used to perform protection vulnerability detection on the obtained mirror system, and the specific method includes: writing different types of vulnerability attack programs into the component in advance in an internet downloading or code writing mode, then actively invading the mirror image system by using the component, and detecting the running condition of the mirror image system in real time; for example, a virus program A and a virus program B are written into an assembly in advance, the assembly is operated to enable the virus program A and the virus program B to sequentially and actively attack a mirror image system, the virus program A and the virus program B are preset known viruses, and the attack principle of different viruses and the influence caused by the viruses are also clear, so that the operation condition of the mirror image system can be detected in the active attack process to know which virus affects the mirror image system to cause the abnormal operation of the mirror image system, if the mirror image system has the abnormal operation in the active attack of a vulnerability attack program, the mirror image system can be considered to have a protection vulnerability, and equivalently, the tenant system also has a corresponding protection vulnerability; if the mirror image system still operates normally after active attack, the protection capability of the tenant system is considered to be strong, and the protection loophole does not exist or does not need to be repaired.
When the mirror image system is subjected to any one-time active attack and the system has an abnormal operation condition, recording the vulnerability type and the attack path of the current vulnerability attack program, and acquiring the protection vulnerability position of the mirror image system according to the vulnerability type and the attack path; meanwhile, when the mirror image system is abnormally operated after being actively attacked, the operation log of the mirror image system can be called, the abnormal fault type of the system is determined according to the operation log, the fault type is graded as the severity of the system abnormality, if the fault that the system can not continuously operate completely occurs, the severity of the fault can be graded as the highest level, and if the system can continuously operate and the fault does not affect the operation of the system, the severity of the fault can be graded as the lowest level; according to the method, risk rating is carried out on the protection vulnerability of the tenant system according to the abnormal severity of the system fault, the fault severity grade of the mirror image system is highest, and the risk grade of the protection vulnerability of the tenant system is correspondingly highest; if the fault severity level is lowest, the risk level of the tenant system protection vulnerability is correspondingly lowest; and then, generating a corresponding risk assessment report by combining the vulnerability type, the attack path and the risk level, pushing the risk assessment report to a tenant terminal for reminding, and informing the tenant of the existence of the protection vulnerability in the used tenant system.
Meanwhile, when risk reminding is carried out on the tenant terminal, a vulnerability patch prestored in the database can be called according to the vulnerability type, address information corresponding to the vulnerability patch is automatically sent to the tenant system when risk reminding is carried out, the tenant system can download the corresponding vulnerability patch from the database after receiving the address information, and therefore targeted vulnerability repair is directly carried out on the tenant system.
In the embodiment, the system protection detection is performed on the mirror image system, the protection capability of the tenant system is correspondingly improved after the tenant completes the protection vulnerability repair operation, and at the moment, the cloud server can provide effective safety protection requirements for the tenant system with the improved protection capability.
After the mirror image processing unit is connected with the tenant system subjected to protection vulnerability repair, a brand-new mirror image system can be established for the current tenant system again, the same protection vulnerability repair operation as the tenant system can be performed on the basis of the original mirror image system, so that the repaired mirror image system is obtained, then all resource data of the tenant system are updated and migrated to the mirror image system, and the mirror image system corresponding to the current tenant system is obtained, so that data security detection is performed on the resource data in the mirror image system.
The embodiment acquires network operation and maintenance data in the mirror image system, wherein the network operation and maintenance data can be data obtained by monitoring an intranet and an internet portal of key basic equipment in a tenant system, the data can be acquired from log messages of the system, the network operation and maintenance data is a result obtained by closely monitoring the network of the tenant system and the system operation state of the tenant system, and hidden dangers and safety events existing in the system can be acquired according to the network operation and maintenance data; meanwhile, each safety event can be accurately positioned, and the effects of actively discovering and pushing hidden dangers are achieved. When judging that a plurality of safety events exist in the operation process of the tenant system, the method can grade each safety event according to the event type of the safety event, and then sequentially remind different safety events according to the sequence from high grade to low grade, so that the tenant can firstly know the safety event with high grade, perform priority processing on the safety event with high grade, perform delayed processing on the safety event with low grade, realize active emergency command and disposal of the safety event with grade, and help the tenant to realize safety monitoring and emergency response.
In addition, different types of safety events need different maintainers to process, so that different types of safety events can be matched with different maintainers in advance, and emergency treatment teams, resources and comparison responsibility are put in storage in advance; when a security event is detected, corresponding maintainers can be automatically matched for different security events according to the event type of the security event, positioning information of the security event is pushed to a terminal to which the corresponding maintainer belongs, so that the maintainers can quickly find and process the security event according to the positioning information, the security monitoring and early warning platform of the embodiment can provide security protection guarantee service for tenants, meanwhile professional security operation and maintenance and emergency handling service can be provided for the tenants, and services such as internet services and the like can be completed by utilizing the security monitoring and early warning platform.
Example two
The embodiment provides a safety monitoring and early warning method, which is applied to the safety monitoring and early warning platform described in the first embodiment, as shown in fig. 3, and the method specifically includes the following steps:
step S1: responding to a monitoring requirement initiated by a tenant system, creating a mirror image system identical to the tenant system, and carrying out protection vulnerability detection on the created mirror image system to output a corresponding vulnerability repair suggestion;
the tenant system can be connected into the cloud server through the interface, monitoring requirements are initiated through the security monitoring and early warning platform in the cloud server, the cloud server can identify system results and system data of the tenant system through the interface channel after receiving the monitoring requirements, a mirror image system identical to the tenant system is created, protection vulnerability monitoring is executed in the mirror image system, whether the tenant system has a protection vulnerability problem or not is known, and vulnerability repairing suggestions are provided.
Step S2: and after the tenant system finishes system protection bug repairing, acquiring network operation and maintenance data of the repaired mirror image system, and monitoring the network operation and maintenance data in real time to judge whether a security event exists and position and remind the security event.
And the tenant system updates the corresponding mirror image system after suggesting and repairing the system bug according to the bug repairing, and detects and judges the security event of the network transportation data, so that the security event of the tenant can be found, positioned accurately and even disposed in real time.
In addition, the present embodiment also provides a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed, the method for monitoring and warning security is implemented.
The safety monitoring and early warning method and the storage medium of the embodiment are based on two aspects of the same inventive concept, and the implementation process of the platform has been described in detail in the foregoing, so that those skilled in the art can clearly understand the method, the structure of the storage medium, and the implementation process in the embodiment according to the foregoing description, and for the sake of brevity of the description, no further description is provided here.
The above embodiments are only preferred embodiments of the present invention, and the protection scope of the present invention is not limited thereby, and any insubstantial changes and substitutions made by those skilled in the art based on the present invention are within the protection scope of the present invention.
Claims (10)
1. A safety monitoring and early warning platform, comprising:
the image processing unit is connected with the tenant system and used for creating or updating an image system related to the tenant system;
the protection monitoring unit is connected with the mirror image processing unit and used for detecting the protection loophole of the mirror image system and outputting a corresponding loophole repairing suggestion;
and the operation and maintenance monitoring unit is connected with the mirror image processing unit, acquires the network operation and maintenance data of the mirror image system again after the tenant system finishes bug fixing, and monitors the network operation and maintenance data in real time to judge whether a security event exists and positions and remind the security event.
2. The safety monitoring and early warning platform of claim 1, wherein the mirror processing unit comprises:
the data access module is used for connecting with the tenant terminal through an interface so as to be in butt joint with the tenant system;
the data copying module is used for copying the resource data of the tenant system to generate mirror image data which is completely the same as the resource data;
the system creation module is used for creating a mirror system which is the same as the tenant system framework, and the mirror system comprises a protection mechanism connected with the tenant system;
and the data migration module is used for migrating the mirror image data to a newly-built mirror image system.
3. The security monitoring and pre-warning platform of claim 2, wherein the mirror processing unit further comprises:
and the data interception module is used for actively intercepting part or all of data input to the tenant terminal through the interface according to the preset authority and tracking the source of the intercepted data.
4. The safety monitoring and early warning platform according to claim 1, wherein the method for the protection monitoring unit to detect the protection vulnerability of the obtained mirror image system comprises the following steps:
utilizing a preset vulnerability attack program to actively invade the mirror image system and detecting the running condition of the mirror image system in real time; and if the mirror image system has abnormal operation when the vulnerability attack program is actively attacked, judging that the tenant system has the protection vulnerability.
5. The safety monitoring and early warning platform according to claim 4, wherein when the mirror image system is subjected to abnormal operation after undergoing any one active attack, the vulnerability type and the attack path of the current vulnerability attack program are recorded; and analyzing the severity of the system abnormality according to the operation log of the mirror image system, carrying out risk rating on the protection vulnerability of the tenant system by combining the vulnerability type, the attack path and the severity of the system abnormality, and generating a corresponding risk evaluation report.
6. The safety monitoring and early warning platform according to claim 1, wherein the vulnerability fix recommendation is generated by:
and calling a pre-stored vulnerability patch in the database according to the vulnerability type, and sending address information corresponding to the vulnerability patch to the tenant system, so that the tenant system obtains the vulnerability patch after receiving the address information and repairs the vulnerability of the tenant system.
7. The security monitoring and pre-warning platform of claim 1, wherein the method of alerting the security event comprises:
and performing grade analysis on different safety events according to the event types of the safety events, and sequentially reminding the different safety events according to the sequence from high grade to low grade.
8. The security monitoring and pre-warning platform of claim 7, wherein the method of alerting the security event further comprises:
and matching corresponding maintainers for different security events according to the event types of the security events, and pushing the positioning information of the security events to the terminal to which the corresponding maintainers belong.
9. A safety monitoring and early warning method is applied to the safety monitoring and early warning platform according to any one of claims 1 to 8, and comprises the following steps:
responding to a monitoring requirement initiated by a tenant system, creating a mirror image system identical to the tenant system, and carrying out protection vulnerability detection on the created mirror image system to output a corresponding vulnerability repair suggestion;
and after the tenant system finishes system protection bug repairing, acquiring network operation and maintenance data of the repaired mirror image system, and monitoring the network operation and maintenance data in real time to judge whether a security event exists and position and remind the security event.
10. A computer-readable storage medium, having stored thereon a computer program which, when executed, implements the safety monitoring and warning method of claim 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111215178.4A CN114189349A (en) | 2021-10-19 | 2021-10-19 | Safety monitoring and early warning platform, safety monitoring and early warning method and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111215178.4A CN114189349A (en) | 2021-10-19 | 2021-10-19 | Safety monitoring and early warning platform, safety monitoring and early warning method and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114189349A true CN114189349A (en) | 2022-03-15 |
Family
ID=80539533
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111215178.4A Pending CN114189349A (en) | 2021-10-19 | 2021-10-19 | Safety monitoring and early warning platform, safety monitoring and early warning method and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114189349A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117742897A (en) * | 2024-02-20 | 2024-03-22 | 国网四川省电力公司信息通信公司 | Method for realizing automatic repair of vulnerability based on container mirror image |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101154257A (en) * | 2007-08-14 | 2008-04-02 | 电子科技大学 | Dynamic mend performing method based on characteristics of loopholes |
| CN102436560A (en) * | 2011-08-22 | 2012-05-02 | 高振宇 | Computer self-defending system and method |
| CN108494727A (en) * | 2018-02-06 | 2018-09-04 | 成都清华永新网络科技有限公司 | A kind of security incident closed-loop process method for network security management |
| CN108696550A (en) * | 2017-04-05 | 2018-10-23 | 中国科学院上海高等研究院 | Rapid build and the system and method for replicating cloud |
| CN110472414A (en) * | 2019-07-23 | 2019-11-19 | 中国平安人寿保险股份有限公司 | Detection method, device, terminal device and the medium of system vulnerability |
| CN110581849A (en) * | 2019-09-06 | 2019-12-17 | 中国平安人寿保险股份有限公司 | method, device, equipment and storage medium for monitoring historical repaired bugs |
| CN110807198A (en) * | 2019-11-04 | 2020-02-18 | 吉林亿联银行股份有限公司 | Method for acquiring information for repairing bugs and patch processing system |
| CN111049827A (en) * | 2019-12-12 | 2020-04-21 | 杭州安恒信息技术股份有限公司 | Network system safety protection method, device and related equipment |
| CN111680304A (en) * | 2020-06-15 | 2020-09-18 | 北京凌云信安科技有限公司 | Scanning system for comprehensively detecting Docker vulnerability and unsafe configuration |
| CN113268739A (en) * | 2021-05-13 | 2021-08-17 | 江苏拓邮信息智能技术研究院有限公司 | Docker mirror image security detection method |
| CN113422771A (en) * | 2021-06-22 | 2021-09-21 | 北京华圣龙源科技有限公司 | Threat early warning method and system |
-
2021
- 2021-10-19 CN CN202111215178.4A patent/CN114189349A/en active Pending
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101154257A (en) * | 2007-08-14 | 2008-04-02 | 电子科技大学 | Dynamic mend performing method based on characteristics of loopholes |
| CN102436560A (en) * | 2011-08-22 | 2012-05-02 | 高振宇 | Computer self-defending system and method |
| CN108696550A (en) * | 2017-04-05 | 2018-10-23 | 中国科学院上海高等研究院 | Rapid build and the system and method for replicating cloud |
| CN108494727A (en) * | 2018-02-06 | 2018-09-04 | 成都清华永新网络科技有限公司 | A kind of security incident closed-loop process method for network security management |
| CN110472414A (en) * | 2019-07-23 | 2019-11-19 | 中国平安人寿保险股份有限公司 | Detection method, device, terminal device and the medium of system vulnerability |
| CN110581849A (en) * | 2019-09-06 | 2019-12-17 | 中国平安人寿保险股份有限公司 | method, device, equipment and storage medium for monitoring historical repaired bugs |
| CN110807198A (en) * | 2019-11-04 | 2020-02-18 | 吉林亿联银行股份有限公司 | Method for acquiring information for repairing bugs and patch processing system |
| CN111049827A (en) * | 2019-12-12 | 2020-04-21 | 杭州安恒信息技术股份有限公司 | Network system safety protection method, device and related equipment |
| CN111680304A (en) * | 2020-06-15 | 2020-09-18 | 北京凌云信安科技有限公司 | Scanning system for comprehensively detecting Docker vulnerability and unsafe configuration |
| CN113268739A (en) * | 2021-05-13 | 2021-08-17 | 江苏拓邮信息智能技术研究院有限公司 | Docker mirror image security detection method |
| CN113422771A (en) * | 2021-06-22 | 2021-09-21 | 北京华圣龙源科技有限公司 | Threat early warning method and system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117742897A (en) * | 2024-02-20 | 2024-03-22 | 国网四川省电力公司信息通信公司 | Method for realizing automatic repair of vulnerability based on container mirror image |
| CN117742897B (en) * | 2024-02-20 | 2024-04-26 | 国网四川省电力公司信息通信公司 | Method for realizing automatic repair of vulnerability based on container mirror image |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101201786B (en) | Method and device for monitoring fault log | |
| US9547579B1 (en) | Method and apparatus for automatically detecting defects | |
| US20090132858A1 (en) | Analyzer, analyzing system, and computer program product | |
| CN109614283B (en) | Monitoring system of distributed database cluster | |
| CN109918285B (en) | Security identification method and device for open source software | |
| CN109074448B (en) | Detection of a deviation of a safety state of a computing device from a nominal safety state | |
| CN112182588A (en) | Operating system vulnerability analysis and detection method and system based on threat intelligence | |
| Mell et al. | Creating a patch and vulnerability management program | |
| US10395200B2 (en) | Method and apparatus for repairing policies | |
| US9853990B2 (en) | Verification of computer system prior to and subsequent to computer program installation | |
| CN114189349A (en) | Safety monitoring and early warning platform, safety monitoring and early warning method and storage medium | |
| CN112615848B (en) | Vulnerability repair state detection method and system | |
| CN107846305B (en) | Change task management method and device | |
| CN110086812B (en) | Safe and controllable internal network safety patrol system and method | |
| CN116881927A (en) | Security vulnerability influence level analysis method, device, equipment and storage medium | |
| CN116361807A (en) | Risk management and control method and device, storage medium and electronic equipment | |
| CN110928782A (en) | Application security management method and device, electronic equipment and storage medium | |
| US11880470B2 (en) | System and method for vulnerability detection in computer code | |
| US20060021028A1 (en) | System and method for adaptive policy and dependency-based system security audit | |
| US11526775B2 (en) | Automatically evaluating application architecture through architecture-as-code | |
| CN114553551A (en) | Method and device for testing intrusion prevention system | |
| CN110807198B (en) | Method for acquiring information for repairing bugs and patch processing system | |
| CN113946828A (en) | Vulnerability scanning method and vulnerability scanning device of industrial control system | |
| CA2420008C (en) | Panic message analyzer | |
| US20230418942A1 (en) | File Integrity Assessment to Detect Malware |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |