CN115102751A - Method for testing capability of safety service manufacturer - Google Patents


Publication number
CN115102751A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210689890.6A
Other languages
Chinese (zh)
Other versions
CN115102751B (en)
Inventor
刘超飞
郭云
刘迪
肖立炀
崔逸群
毕玉冰
朱博迪
曾荣汉
王文庆
邓楠轶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Thermal Power Research Institute Co Ltd
Huaneng Group Technology Innovation Center Co Ltd
Original Assignee
Xian Thermal Power Research Institute Co Ltd
Huaneng Group Technology Innovation Center Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Thermal Power Research Institute Co Ltd, Huaneng Group Technology Innovation Center Co Ltd
Priority to CN202210689890.6A
Publication of CN115102751A
Application granted
Publication of CN115102751B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034 Test or assess a computer or a system

Abstract

The invention discloses a method for testing the capability of a security service manufacturer. For a target system, the vulnerabilities detected by a benchmarking unit through automated detection and through manual penetration testing are taken as the benchmark vulnerability set, and the original vulnerability scores of these detection results are converted to a percentage scale to obtain vulnerability benchmark scores and deviation benchmark scores. The 3 factors that influence detection difficulty, each with 2 categories, are then combined, and target systems with 8 detection difficulties ranging from easy to hard are deployed in a cyber range. A security service manufacturer then tests the target systems of different detection difficulties, points are added and deducted according to the valid and invalid vulnerabilities it finds, the scores under the different detection difficulties are averaged, and the result is compared against a capability grading table to obtain the capability test result of the security service manufacturer. By varying the security detection difficulty of the target system and using the detection results as the basis for the capability test, the invention gives a network operating unit a more objective reference for selecting a security service manufacturer.

Description

Method for testing capability of safety service manufacturer
Technical Field
The invention relates to the technical field of network security detection, in particular to a method for testing the capability of a security service manufacturer.
Background
To cope with an increasingly complex network security situation, reduce network security risk and raise their level of protection, many enterprises rely on outside help, obtaining security equipment and security services from security service manufacturers. Some large enterprises have set up their own network security research centers to study network attack and defense techniques, but these centers have limited staff and limited service coverage and cannot meet the enterprise's large volume of internal security construction and operation and maintenance needs, so outside help is still required.
Faced with the diverse security products and all-round security services offered by many security service manufacturers, enterprises whose own network security staff have limited technical skill, and who do not know a manufacturer's technical strength in network attack and defense and vulnerability research, find it hard to judge a manufacturer's capability correctly. They are often in a passive position when choosing and end up with a manufacturer that does not meet their requirements. As a result many enterprises suffer large economic losses, fail to reach their security construction and operation and maintenance goals, and may even see the normal operation of their business systems affected. Testing the capability of security service manufacturers is therefore an increasingly urgent need for many enterprises.
Disclosure of Invention
To solve the above technical problems, the present invention provides a method for testing the capability of a security service manufacturer. The method aims to test that capability objectively and, in particular, to give a network security operating unit a reference on a manufacturer's service capability for a specific industry.
In order to achieve the purpose, the invention adopts the following technical scheme:
A method for testing the capability of a security service manufacturer proceeds as follows. For a target system, the vulnerabilities detected by a benchmarking unit through automated detection and through manual penetration testing are taken as the benchmark vulnerability set, and the original vulnerability scores of these detection results are converted to a percentage scale to obtain vulnerability benchmark scores and deviation benchmark scores. The 3 factors that influence detection difficulty, each with 2 categories, are then combined, and target systems with 8 detection difficulties ranging from easy to hard are deployed in a cyber range. A security service manufacturer then tests the target systems of different detection difficulties, points are added and deducted according to the valid and invalid vulnerabilities it finds, the scores under the different detection difficulties are averaged, and the result is compared against a capability grading table to obtain the capability test result of the security service manufacturer.
The invention is further improved in that the method specifically comprises the following steps:
(1) A target system is selected and a benchmarking unit is determined. With the benchmarking unit in possession of complete information about the target system and the target system's protection policy turned off, the result of the benchmarking unit's security testing of the target system is taken as the benchmark vulnerability set. The detection result comprises vulnerabilities detected in two modes, automated detection and manual penetration testing; by risk level the vulnerabilities are high-risk, medium-risk or low-risk; and the original score of each vulnerability is its CVSS score;
The original scores of the vulnerabilities found by the benchmarking unit in the two detection modes are converted to a percentage scale. Automated detection is performed with automated scanning tools, whereas vulnerabilities found by manual penetration testing are of higher value, so the vulnerabilities found by automated detection are converted against 30 points and those found by manual penetration testing against 70 points, giving benchmark scores for the three levels of vulnerability;
(2) The detection difficulty of the target system is determined by three factors: the degree of information available, whether the protection policy is enabled, and whether the vulnerabilities have been security-hardened. The 3 factors, each with 2 categories, are combined and, making use of the fact that an attack-defense cyber range can quickly build a test network, 8 target systems with detection difficulty levels ranging from easy to hard are deployed;
(3) L of the 8 detection difficulties are selected, with L greater than or equal to 3. For a target system of a given detection difficulty, the security service manufacturer assigns testers to carry out security testing in both modes, automated detection and manual penetration, and to finish within a specified time. An exploitation method must be provided for each vulnerability found, and after vulnerability validity verification a valid vulnerability set and an invalid vulnerability set are obtained. The vulnerabilities in the valid vulnerability set may lie within the benchmark vulnerability set or go beyond it: for vulnerabilities contained in the benchmark vulnerability set, the vulnerability benchmark scores from step (2) are accumulated, and vulnerabilities beyond the benchmark vulnerability set add points according to the deviation benchmark scores. Vulnerabilities in the invalid vulnerability set deduct points according to the deviation benchmark scores. This gives the security service manufacturer's score for the corresponding detection difficulty;
For the j-th detection difficulty, the security service manufacturer's score in automated detection mode is:
Figure BDA0003701212900000031
wherein: u, v and w are respectively the numbers of low-risk, medium-risk and high-risk vulnerabilities contained in the benchmark vulnerability set that the security service manufacturer detected in automated mode; u', v' and w' are the numbers of low-risk, medium-risk and high-risk vulnerabilities detected by the security service manufacturer in automated mode that are not contained in the benchmark vulnerability set; and u', v' and w' are the numbers of invalid low-risk, medium-risk and high-risk vulnerabilities in the security service manufacturer's automated-mode detection results;
For the j-th detection difficulty, the security service manufacturer's score in manual penetration detection mode is:
Figure BDA0003701212900000032
wherein: r, s and t are respectively the numbers of low-risk, medium-risk and high-risk vulnerabilities contained in the benchmark set that the security service manufacturer detected in manual penetration mode; r', s' and t' are the numbers of low-risk, medium-risk and high-risk vulnerabilities detected by the security service manufacturer in manual penetration mode that are not contained in the benchmark set; and r', s' and t' are the numbers of invalid low-risk, medium-risk and high-risk vulnerabilities in the security service manufacturer's manual-penetration detection results;
For the j-th detection difficulty, the security service manufacturer's score is:
$$p_j = g_j + h_j \tag{21}$$
(4) To reduce the randomness of the detection result, the scores for the N detection difficulties are arithmetically averaged to obtain the final score of the security manufacturer capability test;
Figure BDA0003701212900000041
The final score λ of the security service manufacturer is compared with the capability grading table to obtain the capability test result of the security service manufacturer.
A further improvement of the invention is that, in step (1), the benchmark score of the i-th vulnerability detected in automated mode is calculated as:
Figure BDA0003701212900000042
Figure BDA0003701212900000043
Figure BDA0003701212900000044
wherein: m, n and k are respectively the numbers of low-risk, medium-risk and high-risk vulnerabilities detected by the benchmarking unit in automated mode; $A_i$, $B_i$ and $C_i$ are respectively the original scores of a single low-risk, medium-risk and high-risk vulnerability detected by the benchmarking unit in automated mode; and $a_i$, $b_i$ and $c_i$ are respectively the benchmark scores of a single low-risk, medium-risk and high-risk vulnerability detected by the benchmarking unit in automated mode;
The deviation benchmark scores for automated detection are calculated as follows:
when m > 0,
Figure BDA0003701212900000045
when m = 0,
Figure BDA0003701212900000046
when n > 0,
Figure BDA0003701212900000047
when n = 0,
Figure BDA0003701212900000051
when k > 0,
Figure BDA0003701212900000052
when k = 0,
Figure BDA0003701212900000053
wherein: a', b' and c' are respectively the low-risk, medium-risk and high-risk vulnerability deviation benchmark scores for the benchmarking unit's automated detection.
A further improvement of the invention is that, in step (1), the benchmark score of the i-th vulnerability detected in manual penetration mode is calculated as:
Figure BDA0003701212900000054
Figure BDA0003701212900000055
Figure BDA0003701212900000056
wherein: x, y and z are respectively the numbers of low-risk, medium-risk and high-risk vulnerabilities detected by the benchmarking unit in manual penetration mode; $D_i$, $E_i$ and $F_i$ are respectively the original scores of a single low-risk, medium-risk and high-risk vulnerability detected by the benchmarking unit in manual penetration mode; and $d_i$, $e_i$ and $f_i$ are respectively the benchmark scores of a single low-risk, medium-risk and high-risk vulnerability detected by the benchmarking unit in manual penetration mode;
The deviation benchmark scores for manual penetration detection are calculated as follows:
when x > 0,
Figure BDA0003701212900000061
when x = 0,
Figure BDA0003701212900000062
when y > 0,
Figure BDA0003701212900000063
when y = 0,
Figure BDA0003701212900000064
when z > 0,
Figure BDA0003701212900000065
when z = 0,
Figure BDA0003701212900000066
wherein: d', e' and f' are respectively the low-risk, medium-risk and high-risk vulnerability deviation benchmark scores for the benchmarking unit's manual penetration detection.
A further improvement of the present invention is that in step (2), three factors and classifications are detailed in the following table:
Figure BDA0003701212900000067
Figure BDA0003701212900000071
A further improvement of the invention is that, in step (2), the detection difficulty levels are as shown in the following table:
Figure BDA0003701212900000072
Figure BDA0003701212900000081
A further improvement of the invention is that, in step (4), the capability test result of the security service manufacturer is graded as follows:

| No. | Capability level | Score range |
|---|---|---|
| 1 | Excellent | Score >= 90 |
| 2 | Good | 90 > Score >= 75 |
| 3 | Average | 75 > Score >= 60 |
| 4 | Poor | 60 > Score >= 45 |
| 5 | Very poor | Score < 45 |

A further improvement of the invention is that the capability test of the security service manufacturer is applied to a batch of security testers, and the testers may or may not be told the detection difficulty. The same testers facing different detection difficulties may detect different vulnerabilities, so the capability test results of the security service manufacturer also differ.
A further improvement of the invention is that, if the vulnerability set in the security service manufacturer's detection results goes beyond the benchmark vulnerability set, the manufacturer's capability test score can exceed 100.
The invention has at least the following beneficial technical effects:
The invention provides a method for testing the capability of a security service manufacturer that can be applied widely to different target systems in many industries and that distinguishes the value of vulnerabilities found by the two detection modes, automated detection and manual penetration. The original vulnerability scores are converted to a percentage scale, and by calculating vulnerability benchmark scores and deviation benchmark scores, points can be added or deducted for a security service manufacturer's verified detection results, so that the differing detection results of multiple security service manufacturers are processed by one uniform calculation. By providing several target systems of different detection difficulty, the service capability of a security service manufacturer is tested comprehensively, its capability is quantified and graded, and a network operating unit has a more objective reference when selecting a security service manufacturer.
Drawings
FIG. 1 is a schematic diagram of the inspection method of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art. It should be noted that the embodiments and features of the embodiments of the present invention may be combined with each other without conflict. The present invention will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
As shown in fig. 1, the method for checking the capability of a security service manufacturer according to the present invention is described by taking an information system as a target system, a network security research center as a benchmarking unit, and a security service manufacturer a as an example, and includes the following steps:
(1) An information system is selected as the target system and a network security research center is determined as the benchmarking unit. The network security research center holds complete information about the information system and, with the system protection policy turned off, carries out vulnerability scanning and manual penetration testing on the system as a comprehensive security test. The detection result of the network security research center is taken as the reference, and the original score of each vulnerability is its CVSS score;
The original scores of the vulnerabilities found by the network security research center are converted to a percentage scale: the total score of the vulnerabilities found by automated detection is converted against 30 points and the total score of the vulnerabilities found by manual penetration testing against 70 points, giving benchmark scores for the three levels of vulnerability;
Automated detection found 12 high-risk, 78 medium-risk and 16 low-risk vulnerabilities. The benchmark scores of the high-risk vulnerabilities are calculated; only 10 are listed, as shown in the following table:
Figure BDA0003701212900000101
The benchmark scores of the medium-risk vulnerabilities are calculated; only 10 are listed, as shown in the following table:
Figure BDA0003701212900000102
Figure BDA0003701212900000111
The benchmark scores of the low-risk vulnerabilities are calculated; only 10 are listed, as shown in the following table:
Figure BDA0003701212900000112
The deviation benchmark scores for automated detection are calculated:
a' = 0.425, b' = 0.295, c' = 0.114
wherein: a', b' and c' are respectively the low-risk, medium-risk and high-risk vulnerability deviation benchmark scores for the benchmarking unit's automated detection;
The vulnerability benchmark scores for manual penetration detection are listed as follows:
Figure BDA0003701212900000121
The deviation benchmark scores for manual penetration detection are calculated:
d' = 12.352, e' = 8.235, f' = 1.666
wherein: d', e' and f' are respectively the low-risk, medium-risk and high-risk vulnerability deviation benchmark scores for the benchmarking unit's manual penetration detection;
(2) The detection difficulty of the target system is determined by three factors: the degree of information available, whether the protection policy is enabled, and whether the vulnerabilities have been security-hardened. The three factors and their categories are detailed in the following table;
Figure BDA0003701212900000122
Figure BDA0003701212900000131
The 3 factors, each with 2 categories, are combined. Making use of the fact that an attack-defense cyber range can quickly build a test network, and taking into account the actual situation of security service manufacturer A, 4 target systems with detection difficulty levels ranging from easy to hard are deployed; the detection difficulty levels are shown in the table;
Figure BDA0003701212900000132
(3) Security service manufacturer A assigns testers to carry out security testing, by automated detection and by manual penetration, on the target systems at the 4 detection difficulties and to finish within a specified time. An exploitation method is provided for each vulnerability found, and after the network security research center has verified vulnerability validity, a valid vulnerability set and an invalid vulnerability set are obtained;
The valid vulnerability sets found by security service manufacturer A in automated detection mode are as follows:

| No. | Vulnerability level | Level 1 difficulty | Level 3 difficulty | Level 5 difficulty | Level 7 difficulty |
|---|---|---|---|---|---|
| 1 | High risk | 12 | 11 | 9 | 8 |
| 2 | Medium risk | 76 | 70 | 73 | 67 |
| 3 | Low risk | 10 | 8 | 9 | 7 |

The valid vulnerability sets found by security service manufacturer A in manual penetration mode are as follows:

| No. | Vulnerability level | Level 1 difficulty | Level 3 difficulty | Level 5 difficulty | Level 7 difficulty |
|---|---|---|---|---|---|
| 1 | High risk | 2 | 1 | 2 | 1 |
| 2 | Medium risk | 5 | 5 | 4 | 3 |
| 3 | Low risk | 0 | 0 | 0 | 0 |

According to the report provided by security service manufacturer A, the vulnerabilities in the valid vulnerability sets may go beyond the benchmark vulnerability set. For vulnerabilities contained in the benchmark vulnerability set, the vulnerability benchmark scores from step (2) are accumulated, and vulnerabilities beyond the benchmark vulnerability set add points according to the deviation benchmark scores, giving the scores of security service manufacturer A under the different detection difficulties;
Figure BDA0003701212900000141
(4) To reduce the randomness of the detection result, the scores for the 4 detection difficulties are arithmetically averaged, giving a final score of 81.61 for the security manufacturer capability test.
Comparing this with the capability grading table gives a capability test result of Good for security service manufacturer A.

| No. | Capability level | Score range |
|---|---|---|
| 1 | Excellent | Score >= 90 |
| 2 | Good | 90 > Score >= 75 |
| 3 | Average | 75 > Score >= 60 |
| 4 | Poor | 60 > Score >= 45 |
| 5 | Very poor | Score < 45 |

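The scoring flow of steps (1) to (4) and the worked embodiment above, sketched as an added example (not code from the patent). Proportional scaling in `benchmark_scores` is an assumption, since the patent's conversion formulas did not survive on this page; the deviation benchmark scores are taken as inputs for the same reason, and every ID and value in `demo` is constructed.

```python
from dataclasses import dataclass, field
from statistics import mean

SEVERITIES = ("low", "medium", "high")
AUTO_BUDGET, MANUAL_BUDGET = 30.0, 70.0  # page: automated converts against 30, manual against 70
MIN_LEVELS = 3                           # page: at least 3 of the 8 detection difficulties
GRADES = ((90, "Excellent"), (75, "Good"), (60, "Average"), (45, "Poor"))  # grading table


def benchmark_scores(raw_cvss, budget):
    """Scale {vuln_id: CVSS score} so one mode's benchmark scores sum to `budget`.

    ASSUMPTION: proportional scaling; the patent's own formula is not on the page.
    """
    total = sum(raw_cvss.values())
    if total <= 0:
        raise ValueError("benchmark set needs at least one scored vulnerability")
    return {vid: cvss / total * budget for vid, cvss in raw_cvss.items()}


@dataclass
class Findings:
    """One detection mode's verified result at one detection difficulty."""
    matched: set = field(default_factory=set)    # valid, inside the benchmark set (IDs)
    beyond: dict = field(default_factory=dict)   # valid, outside it: {severity: count}
    invalid: dict = field(default_factory=dict)  # failed verification: {severity: count}


def mode_score(found, bench, deviation):
    """Accumulate benchmark scores, add for beyond-benchmark finds, deduct for invalid ones."""
    unknown = found.matched - set(bench)
    if unknown:
        raise ValueError(f"not in benchmark set: {sorted(unknown)}")
    score = sum(bench[vid] for vid in found.matched)
    for sev in SEVERITIES:
        score += found.beyond.get(sev, 0) * deviation[sev]
        score -= found.invalid.get(sev, 0) * deviation[sev]
    return score


def final_score(level_scores):
    """Arithmetic mean over the tested difficulties; refuses fewer than MIN_LEVELS."""
    if len(level_scores) < MIN_LEVELS:
        raise ValueError(f"need scores for at least {MIN_LEVELS} detection difficulties")
    return mean(level_scores)


def grade(score):
    """Map a final score onto the capability grading table."""
    for floor, name in GRADES:
        if score >= floor:
            return name
    return "Very poor"


def demo():
    # Constructed benchmark sets (IDs and CVSS values are illustrative only).
    bench_auto = benchmark_scores(
        {"A-H1": 9.0, "A-H2": 8.0, "A-M1": 6.0, "A-M2": 5.0, "A-L1": 2.0}, AUTO_BUDGET)
    bench_manual = benchmark_scores(
        {"M-H1": 9.5, "M-H2": 9.0, "M-H3": 7.5, "M-M1": 6.0, "M-L1": 3.0}, MANUAL_BUDGET)
    # Constructed deviation benchmark scores (inputs, not derived here).
    dev_auto = {"low": 0.5, "medium": 1.0, "high": 2.0}
    dev_manual = {"low": 2.0, "medium": 4.0, "high": 8.0}
    # (automated findings, manual findings) at three difficulties, easy to hard.
    levels = [
        (Findings(set(bench_auto)),
         Findings(set(bench_manual), beyond={"high": 1})),      # exceeds 100
        (Findings({"A-H1", "A-M1", "A-M2", "A-L1"}, invalid={"medium": 2}),
         Findings({"M-H1", "M-M1"})),
        (Findings({"A-H1", "A-H2"}, invalid={"low": 2}),
         Findings({"M-H3"}, invalid={"high": 1})),
    ]
    scores = [mode_score(a, bench_auto, dev_auto) + mode_score(m, bench_manual, dev_manual)
              for a, m in levels]
    total = final_score(scores)
    return scores, total, grade(total)


if __name__ == "__main__":
    print(demo())
```

The first constructed level scores above 100 because it reports a verified vulnerability beyond the benchmark set, and the invalid reports at the harder levels pull the average down.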
The examples of the present invention are set forth merely to help illustrate the invention and not to elaborate all details of the technical solutions, and those skilled in the art may make substitutions, modifications to and departures from the technical implementation procedures without departing from the spirit and scope of the embodiments of the present invention.

Claims (9)

1. A method for testing the capability of a security service manufacturer, comprising: for a target system, taking the vulnerabilities detected by a benchmarking unit through automated detection and through manual penetration testing as the benchmark vulnerability set, and converting the original vulnerability scores of these detection results to a percentage scale to obtain vulnerability benchmark scores and deviation benchmark scores; then combining the 3 factors that influence detection difficulty, each with 2 categories, and deploying in a cyber range target systems with 8 detection difficulties ranging from easy to hard; then having a security service manufacturer test the target systems of different detection difficulties, adding and deducting points according to the valid and invalid vulnerabilities it finds, averaging the scores under the different detection difficulties, and comparing the result against a capability grading table to obtain the capability test result of the security service manufacturer.
2. The method for checking the capability of the security service manufacturer according to claim 1, comprising the following steps:
(1) A target system is selected and a benchmarking unit is determined. With the benchmarking unit in possession of complete information about the target system and the target system's protection policy turned off, the result of the benchmarking unit's security testing of the target system is taken as the benchmark vulnerability set. The detection result comprises vulnerabilities detected in two modes, automated detection and manual penetration testing; by risk level the vulnerabilities are high-risk, medium-risk or low-risk; and the original score of each vulnerability is its CVSS score;
The original scores of the vulnerabilities found by the benchmarking unit in the two detection modes are converted to a percentage scale. Automated detection is performed with automated scanning tools, whereas vulnerabilities found by manual penetration testing are of higher value, so the vulnerabilities found by automated detection are converted against 30 points and those found by manual penetration testing against 70 points, giving benchmark scores for the three levels of vulnerability;
(2) The detection difficulty of the target system is determined by three factors: the degree of information available, whether the protection policy is enabled, and whether the vulnerabilities have been security-hardened. The 3 factors, each with 2 categories, are combined and, making use of the fact that an attack-defense cyber range can quickly build a test network, 8 target systems with detection difficulty levels ranging from easy to hard are deployed;
(3) L of the 8 detection difficulties are selected, with L greater than or equal to 3. For a target system of a given detection difficulty, the security service manufacturer assigns testers to carry out security testing in both modes, automated detection and manual penetration, and to finish within a specified time. An exploitation method must be provided for each vulnerability found, and after vulnerability validity verification a valid vulnerability set and an invalid vulnerability set are obtained. The vulnerabilities in the valid vulnerability set may lie within the benchmark vulnerability set or go beyond it: for vulnerabilities contained in the benchmark vulnerability set, the vulnerability benchmark scores from step (2) are accumulated, and vulnerabilities beyond the benchmark vulnerability set add points according to the deviation benchmark scores. Vulnerabilities in the invalid vulnerability set deduct points according to the deviation benchmark scores. This gives the security service manufacturer's score for the corresponding detection difficulty;
For the j-th detection difficulty, the security service manufacturer's score in automated detection mode is:
Figure FDA0003701212890000021
wherein: u, v and w are respectively the numbers of low-risk, medium-risk and high-risk vulnerabilities contained in the benchmark vulnerability set that the security service manufacturer detected in automated mode; u', v' and w' are the numbers of low-risk, medium-risk and high-risk vulnerabilities detected by the security service manufacturer in automated mode that are not contained in the benchmark vulnerability set; and u', v' and w' are the numbers of invalid low-risk, medium-risk and high-risk vulnerabilities in the security service manufacturer's automated-mode detection results;
For the j-th detection difficulty, the security service manufacturer's score in manual penetration detection mode is:
Figure FDA0003701212890000022
wherein: r, s and t are respectively the numbers of low-risk, medium-risk and high-risk vulnerabilities contained in the benchmark set that the security service manufacturer detected in manual penetration mode; r', s' and t' are the numbers of low-risk, medium-risk and high-risk vulnerabilities detected by the security service manufacturer in manual penetration mode that are not contained in the benchmark set; and r', s' and t' are the numbers of invalid low-risk, medium-risk and high-risk vulnerabilities in the security service manufacturer's manual-penetration detection results;
For the j-th detection difficulty, the security service manufacturer's score is:
$$p_j = g_j + h_j \tag{21}$$
(4) To reduce the randomness of the detection result, the scores for the N detection difficulties are arithmetically averaged to obtain the final score of the security manufacturer capability test;
Figure FDA0003701212890000031
The final score λ of the security service manufacturer is compared with the capability grading table to obtain the capability test result of the security service manufacturer.
3. The method for checking capability of a security service provider according to claim 1, wherein in the step (1), the ith vulnerability benchmark score detected in an automatic manner is calculated as follows:
Figure FDA0003701212890000032
Figure FDA0003701212890000033
Figure FDA0003701212890000034
wherein: m, n and k are respectively the numbers of low-risk, medium-risk and high-risk vulnerabilities detected by the benchmark unit in an automated manner; A_i, B_i and C_i are respectively the original scores of a single low-risk, medium-risk and high-risk vulnerability detected by the benchmark unit in an automated manner; and a_i, b_i and c_i are respectively the benchmark scores of a single low-risk, medium-risk and high-risk vulnerability detected by the benchmark unit in an automated manner;
calculating the deviation benchmark scores for detection in an automated manner:
when m > 0,
Figure FDA0003701212890000035
when m = 0,
Figure FDA0003701212890000036
when n > 0,
Figure FDA0003701212890000037
when n = 0,
Figure FDA0003701212890000041
when k > 0,
Figure FDA0003701212890000042
when k = 0,
Figure FDA0003701212890000043
wherein: a', b' and c' are respectively the low-risk, medium-risk and high-risk vulnerability deviation benchmark scores for detection by the benchmark unit in an automated manner.
4. The method for checking capability of a security service manufacturer according to claim 3, wherein in the step (1), the benchmark score of the i-th vulnerability detected by manual penetration is calculated as follows:
Figure FDA0003701212890000044
Figure FDA0003701212890000045
Figure FDA0003701212890000046
wherein: x, y and z are respectively the numbers of low-risk, medium-risk and high-risk vulnerabilities detected by the benchmark unit by manual penetration; D_i, E_i and F_i are respectively the original scores of a single low-risk, medium-risk and high-risk vulnerability detected by the benchmark unit by manual penetration; and d_i, e_i and f_i are respectively the benchmark scores of a single low-risk, medium-risk and high-risk vulnerability detected by the benchmark unit by manual penetration;
calculating the deviation benchmark scores for detection by manual penetration:
when x > 0,
Figure FDA0003701212890000051
when x = 0,
Figure FDA0003701212890000052
when y > 0,
Figure FDA0003701212890000053
when y = 0,
Figure FDA0003701212890000054
when z > 0,
Figure FDA0003701212890000055
when z = 0,
Figure FDA0003701212890000056
wherein: d', e' and f' are respectively the low-risk, medium-risk and high-risk vulnerability deviation benchmark scores for detection by the benchmark unit by manual penetration.
5. The method of claim 1, wherein in step (2), the three factors and categories are detailed in the following table:
Figure FDA0003701212890000057
Figure FDA0003701212890000061
6. The method for checking capability of a security service manufacturer according to claim 5, wherein in the step (2), the detection difficulty levels are as follows:
Figure FDA0003701212890000062
Figure FDA0003701212890000071
7. The method for checking capability of a security service manufacturer according to claim 1, wherein in the step (4), the capability test results of the security service manufacturer are graded as follows:
Serial number | Capability level | Score range
1 | Excellent | Score >= 90
2 | Good | 90 > Score >= 75
3 | Average | 75 > Score >= 60
4 | Poor | 60 > Score >= 45
5 | Very poor | Score < 45
8. The method as claimed in claim 1, wherein the capability test of the security service manufacturer is carried out with a batch of security testers; the detection difficulty may or may not be disclosed to the testers; and the same testers, when given different detection difficulties, may detect different vulnerabilities, so that the capability test results of the security service manufacturer may differ.
9. The method as claimed in claim 1, wherein, if the vulnerability set detected by the security service manufacturer exceeds the benchmark vulnerability set, the capability test score of the security service manufacturer exceeds 100.
CN202210689890.6A 2022-06-17 2022-06-17 Method for checking capability of security service manufacturer Active CN115102751B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210689890.6A CN115102751B (en) 2022-06-17 2022-06-17 Method for checking capability of security service manufacturer


Publications (2)

Publication Number Publication Date
CN115102751A true CN115102751A (en) 2022-09-23
CN115102751B CN115102751B (en) 2023-09-15

Family

ID=83291517


Country Status (1)

Country Link
CN (1) CN115102751B (en)




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant