CN115102751B - Method for checking capability of security service manufacturer - Google Patents

Method for checking capability of security service manufacturer Download PDF

Info

Publication number
CN115102751B
CN115102751B CN202210689890.6A CN202210689890A CN115102751B CN 115102751 B CN115102751 B CN 115102751B CN 202210689890 A CN202210689890 A CN 202210689890A CN 115102751 B CN115102751 B CN 115102751B
Authority
CN
China
Prior art keywords
risk
detection
detected
security service
vulnerability
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210689890.6A
Other languages
Chinese (zh)
Other versions
CN115102751A (en
Inventor
刘超飞
郭云
刘迪
肖立炀
崔逸群
毕玉冰
朱博迪
曾荣汉
王文庆
邓楠轶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Thermal Power Research Institute Co Ltd
Huaneng Group Technology Innovation Center Co Ltd
Original Assignee
Xian Thermal Power Research Institute Co Ltd
Huaneng Group Technology Innovation Center Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Thermal Power Research Institute Co Ltd, Huaneng Group Technology Innovation Center Co Ltd filed Critical Xian Thermal Power Research Institute Co Ltd
Priority to CN202210689890.6A priority Critical patent/CN115102751B/en
Publication of CN115102751A publication Critical patent/CN115102751A/en
Application granted granted Critical
Publication of CN115102751B publication Critical patent/CN115102751B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Abstract

The invention discloses a method for checking the capability of a security service manufacturer, which comprises the following steps: aiming at a target system, taking detection results of two modes of automatic and manual penetration of a target unit as a target vulnerability set, converting original vulnerability scores of the detection results according to a percentage to obtain vulnerability benchmark scores and deviation benchmark scores, arranging and combining 3 factors influencing detection difficulty according to 2 categories, deploying target systems from easy to difficult 8 detection difficulties in a target range, detecting target systems with different detection difficulties by a security service manufacturer, calculating adding scores and deductions according to effective vulnerabilities and invalid vulnerabilities found by detection, averaging scores under different detection difficulties, and obtaining a detection result of security service manufacturer capability by contrasting a capability level division table. According to the invention, the security detection difficulty of the target system is changed, the detection result is used as the basis of capability detection, and objective reference is provided for network operation units to select security service manufacturers.

Description

Method for checking capability of security service manufacturer
Technical Field
The invention relates to the technical field of network security detection, in particular to a method for checking the capability of a security service manufacturer.
Background
In order to effectively cope with increasingly complex network security situations, reduce network security risks and improve network security protection level, many enterprises choose to provide security related equipment and security services by means of external force, and select security service manufacturers. A part of large enterprises establish own network security research centers to develop network security attack and protection technology research, but because the number of personnel in the security research centers is limited, the coverage range of security service is limited, and the requirements of large network security construction and operation and maintenance of internal enterprises cannot be met, the external force is still needed.
Enterprises face diversified security products and all-round security services provided by a plurality of security service manufacturers, due to the lack of network security technology talents or limited technical level of security personnel, the security manufacturers are not aware of technical strength in network attack and defense and vulnerability research, the ability of the security service manufacturers is difficult to accurately judge, the security service manufacturers are often involved in a passive situation when selecting, and finally the security service manufacturers meeting the requirements are not selected, so that a plurality of enterprises suffer great economic loss, the goals of security construction and operation and maintenance are not achieved, and even the normal operation of a service system is possibly influenced. Therefore, checking the capability of security service manufacturers is becoming an urgent requirement for many enterprises.
Disclosure of Invention
In order to solve the above-mentioned prior art problems, the present invention provides a method for checking the capability of a security service manufacturer. The objective method is to test the capability of the security service manufacturer, especially the service capability of specific industry, and provide reference for network security operation units.
In order to achieve the above purpose, the invention adopts the following technical scheme:
a method of verifying capabilities of a security service vendor, comprising: aiming at a target system, taking detection results of two modes of automatic and manual penetration of a target unit as a target vulnerability set, converting original vulnerability scores of the detection results according to a percentage to obtain vulnerability benchmark scores and deviation benchmark scores, arranging and combining 3 factors influencing detection difficulty according to 2 categories, deploying target systems from easy to difficult 8 detection difficulties in a target range, detecting target systems with different detection difficulties by a security service manufacturer, calculating adding scores and deductions according to effective vulnerabilities and invalid vulnerabilities found by detection, averaging scores under different detection difficulties, and obtaining a detection result of security service manufacturer capability by contrasting a capability level division table.
The invention is further improved in that the method specifically comprises the following steps:
(1) Selecting a target system, determining a target pole unit, taking a security detection result of the target system of the target pole unit as a target pole vulnerability set under the condition that the target pole unit provides complete information of the target system and closes a protection strategy of the target system, wherein the detection result comprises vulnerabilities detected in two modes of automatic detection and manual penetration test, the vulnerabilities comprise high-risk, medium-risk and low-risk according to the risk level, and the vulnerabilities are originally classified as CVSS scores;
converting original scores of loopholes found by two detection modes of a marker post unit according to a percentage, wherein the loopholes detected automatically depend on an automatic scanning tool, the value of the loopholes detected by the artificial penetration test is higher, the total score of the loopholes detected automatically is converted according to 30, and the total score of the loopholes detected by the artificial penetration test is converted according to 70, so that the reference score of the loopholes of three levels is obtained;
(2) The factors for determining the detection difficulty of the target system are three, including the information degree, the protection strategy opening condition and the vulnerability security reinforcement condition; combining 3 factors according to 2 classifications, and deploying 8 kinds of target systems with difficult detection difficulty levels from easy to difficult by utilizing the characteristic of rapidly constructing a test network by using the attack and defense target field energy; (3) L kinds of detection difficulty are selected from 8 kinds of detection difficulty, L is required to be more than or equal to 3, an security service manufacturer arranges that detection personnel can perform security detection in two modes of automatic detection and manual infiltration on a target system with one detection difficulty, detection is completed within a specified time, and for detected vulnerabilities, a vulnerability utilization mode is required to be provided, and after vulnerability validity verification is performed, an effective vulnerability set and an ineffective vulnerability set are obtained; the loopholes in the effective loopholes set can be in the benchmarking loopholes set or exceed the benchmarking loopholes set, and for the loopholes contained in the benchmarking loopholes set, adding the loopholes in the step (2) according to the deviation reference points; deducting the vulnerabilities in the invalid vulnerability set according to the deviation standard score to obtain a score of the corresponding detection difficulty of the security service manufacturer;
for the j detection difficulty, the security service manufacturer automatically detects the mode score:
wherein: u, v and v are respectively low-risk, middle-level and high-level vulnerability numbers which are detected by a security service manufacturer in an automatic mode and are contained in a target vulnerability set, u ', v' and w 'are respectively low-risk, middle-level and high-level vulnerability numbers which are detected by the security service manufacturer in an automatic mode and are not contained in the target vulnerability set, and u', v 'and w' are invalid low-risk, middle-level and high-level vulnerability numbers which are detected by the security service manufacturer in an automatic mode and are contained in the detection result;
for the j detection difficulty, the manual penetration detection mode of the security service manufacturer scores:
wherein: r, s and t are respectively low-risk, middle-level and high-level loopholes which are detected by a security service manufacturer in a manual permeation mode and are contained in a target loophole set, r ', s' and t 'are respectively low-risk, middle-level and high-level loopholes which are detected by the security service manufacturer in the manual permeation mode and are not contained in the target loophole set, and r', s 'and t' are invalid low-risk, middle-level and high-level loopholes which are detected by the security service manufacturer in the manual permeation mode;
for the j detection difficulty, the security service manufacturer scores:
p j =g j +h j (21)
(4) In order to reduce the randomness of the detection result, carrying out arithmetic average on the scores of N detection difficulties to obtain a final score of the safety manufacturer capability test;
and finally, the score lambda of the security service manufacturer is compared with the capability class dividing table to obtain the capability test result of the security service manufacturer.
The invention further improves that in the step (1), the ith vulnerability basic score of the automatic mode detection is calculated:
wherein: m, n and k are respectively the low-risk, medium-risk and high-risk loopholes detected by the marker post unit in an automatic mode, A i 、B i 、C i Single units, each of which is automatically detected for a target unitA, a low-risk, medium-risk and high-risk vulnerability original score i 、b i 、c i The method is characterized in that the method is a single low-risk, medium-risk and high-risk vulnerability benchmark score which is detected in an automatic mode for a marker post unit respectively;
calculating deviation reference points detected in an automatic mode:
when m is greater than 0, the value of m,
when m=0, the number of the m-groups,
when n is greater than 0, the number of times,
when n=0, the number of the n-type switches,
when k is greater than 0, the number of times,
when k= at the time of 0, the temperature of the liquid,
wherein: a ', b ', c ' are respectively low-risk, medium-risk and high-risk level vulnerability deviation standard scores detected by a marker post unit in an automatic mode.
The invention further improves that in the step (1), the ith vulnerability benchmark score detected by the artificial osmosis mode is calculated:
wherein: wherein: x, y and z are respectively the low-risk, medium-risk and high-risk loopholes detected by the marker post unit in an artificial permeation mode, D i 、E i 、F i The single low-risk, medium-risk and high-risk vulnerability original scores are detected by a standard pole unit in a manual permeation mode respectively, and d i 、e i 、f i The method is characterized in that single low-risk, medium-risk and high-risk vulnerability benchmark scores which are respectively detected by a marker post unit in a manual penetration mode are adopted;
calculating deviation reference points detected by an artificial infiltration mode:
when x is greater than 0 and is equal to x,
when x=0, the number of the groups,
when y is greater than 0, the value of y is greater than 0,
when y=0, the number of the groups,
when z is greater than 0, the number of times,
when z=0, the number of times,
wherein: d ', e ', f ' are respectively low-risk, medium-risk and high-risk level vulnerability deviation standard scores detected by a marker post unit in a manual infiltration mode.
The invention is further improved in that in the step (2), three factors and classifications are detailed in the following table:
the invention is further improved in that in the step (2), the detection difficulty level is shown in the following table:
the invention is further improved in that in the step (4), the capability test result of the security service manufacturer is as follows:
sequence number Capacity class Score range
1 Excellent and excellent properties Score of>=90
2 Good quality 90>Score of>=75
3 In general 75>Score of>=60
4 Poor quality 60>Score of>=45
5 Very poor Score of<45
The invention is further improved in that the capability test of the security service manufacturer is oriented to batch security testers, the testers are informed of the detection difficulty or not informed of the detection difficulty, the same testers are oriented to different detection difficulties, the detected loopholes can be different, and the test results of the capability of the security service manufacturer can be different.
The invention is further improved in that if the security service manufacturer detection result vulnerability set exceeds the benchmarking vulnerability set, the score of the security service manufacturer capability test exceeds 100.
The invention has at least the following beneficial technical effects:
the invention provides a method for checking the capability of a security service manufacturer, which is widely applicable to different target systems in a plurality of industries and distinguishes the value of loopholes discovered by two detection modes of automation and manual infiltration; the original vulnerability score is converted according to the percentage, and the detection results of the security service manufacturers can be verified to carry out score adding and score subtracting processing by calculating the vulnerability benchmark score and the deviation benchmark score, so that unified calculation processing of different detection results of a plurality of security service manufacturers is realized; by providing a plurality of target systems with different detection difficulties, the service capacity of the security service manufacturer is comprehensively checked, the quantification and grade assessment of the security service manufacturer capacity are realized, and objective reference basis is provided for network operators when the security service manufacturer is selected.
Drawings
FIG. 1 is a schematic diagram of the test method of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art. It should be noted that, without conflict, the embodiments of the present invention and features of the embodiments may be combined with each other. The invention will be described in detail below with reference to the drawings in connection with embodiments.
As shown in fig. 1, the method for checking the capability of a security service manufacturer provided by the present invention is illustrated by taking a certain information system as a target system, a certain network security research center as a target unit, and a certain security service manufacturer a as an example, and includes the following steps:
(1) Selecting a certain information system as a target system, determining a certain network security research center as a standard pole unit, grasping the complete information of the certain information system by the certain network security research center, performing vulnerability scanning and manual penetration testing on the system under the condition of closing a system protection strategy, performing comprehensive security detection, taking the detection result of the certain network security research center as a reference, and dividing the vulnerability original into CVSS scores;
converting original scores of loopholes detected by a network security research center according to a percentile, converting total scores of loopholes detected by automatic detection according to 30, and converting total scores of loopholes detected by manual penetration test according to 70 to obtain reference scores of loopholes of three levels;
the method comprises the steps of automatically detecting 12 high-risk holes, 78 medium-risk holes and 16 low-risk holes, calculating high-risk hole benchmark scores, and listing only 10 high-risk holes, wherein the high-risk holes, the medium-risk holes and the low-risk holes are shown in the following table:
the medium-risk hole benchmark score was calculated, listing only 10, as follows:
the low-risk hole benchmark score was calculated, listing only 10, as follows:
calculating deviation reference points detected in an automatic mode:
a'=0.425,b'=0.295,c'=0.114
wherein: a ', b ', c ' are respectively low-risk, medium-risk and high-risk level vulnerability deviation benchmark scores detected by a marker post unit in an automatic mode;
leak benchmarks for manual permeation mode detection are listed below:
calculating deviation reference points detected by an artificial infiltration mode:
d'=12.352,e'=8.235,f'=1.666
wherein: d ', e ' and f ' are respectively low-risk, medium-risk and high-risk level vulnerability deviation standard scores detected by a marker post unit in a manual penetration mode;
(2) The factors for determining the detection difficulty of the target system include information degree, protection strategy opening condition and vulnerability security reinforcement condition, and the three factors and the classifications are detailed in the following table;
/>
combining 3 factors according to 2 classifications, rapidly constructing a test network by utilizing the characteristics of attack and defense target sites, and deploying a target system with 4 detection difficulty levels from easy to difficult in consideration of the actual situation of a certain security service manufacturer A, wherein the detection difficulty levels are shown in the following table;
(3) A security service manufacturer A arranges security detection personnel to perform security detection in two modes of automatic detection and manual infiltration on the target systems with the 4 detection difficulties, the detection is completed within a specified time, and for the detected loopholes, a loophole utilization mode is provided, and after a certain network security research center performs loophole validity verification, an effective loophole set and an ineffective loophole set are obtained;
the effective vulnerability set conditions found by a security service vendor a in an automated detection manner are as follows:
sequence number Vulnerability level First level difficulty Three-level difficulty Difficulty of five stages Difficulty of seven stages
1 High risk 12 11 9 8
2 Medium risk 76 70 73 67
3 Low risk of 10 8 9 7
The conditions of the effective vulnerability sets found by a certain security service manufacturer A in a manual infiltration mode are as follows:
sequence number Vulnerability level First level difficulty Three-level difficulty Difficulty of five stages Difficulty of seven stages
1 High risk 2 1 2 1
2 Medium risk 5 5 4 3
3 Low risk of 0 0 0 0
From the report provided by a certain security service manufacturer A, the loopholes in the effective loopholes set possibly exceed the benchmarking loopholes set, for the loopholes contained in the benchmarking loopholes set, accumulating the loopholes benchmark scores in (2), and for the loopholes exceeding the benchmarking loopholes set, adding scores according to the deviation benchmark scores to obtain scores of the certain security service manufacturer A under different detection difficulties;
(4) To reduce the randomness of the detection results, the scores of the 4 detection difficulties were arithmetically averaged to obtain a final score of 81.61 for the safety manufacturer's capability test.
And (5) comparing the capability class division table to obtain a capability test result of a certain security service manufacturer A.
Sequence number Capacity class Score range
1 Excellent and excellent properties Score of>=90
2 Good quality 90>Score of>=75
3 In general 75>Score of>=60
4 Poor quality 60>Score of>=45
5 Very poor Score of<45
The examples set forth herein are intended merely to aid in the description of the invention and not to provide an exhaustive list of all the details of the technical solutions, and those skilled in the art may make various alterations and modifications to the implementation of some of the techniques without departing from the spirit and scope of the embodiments of the present invention.

Claims (3)

1. A method of verifying capabilities of a security service manufacturer, comprising: aiming at a target system, taking detection results of two modes of automatic and manual penetration of a target unit as a target vulnerability set, converting original vulnerability scores of the detection results according to percentages to obtain vulnerability benchmark scores and deviation benchmark scores, arranging and combining 3 factors influencing detection difficulty according to 2 classifications, deploying target systems from easy to difficult 8 detection difficulties in a target range, detecting target systems with different detection difficulties by a security service manufacturer, calculating adding scores and deductions according to effective vulnerabilities and invalid vulnerabilities found by detection, averaging scores under different detection difficulties, and obtaining a detection result of security service manufacturer capability by contrasting a capability class division table;
the method specifically comprises the following steps:
(1) Selecting a target system, determining a target pole unit, taking a security detection result of the target system of the target pole unit as a target pole vulnerability set under the condition that the target pole unit provides complete information of the target system and closes a protection strategy of the target system, wherein the detection result comprises vulnerabilities detected in two modes of automatic detection and manual penetration test, the vulnerabilities comprise high-risk, medium-risk and low-risk according to the risk level, and the vulnerabilities are originally classified as CVSS scores;
converting original scores of loopholes found by two detection modes of a marker post unit according to a percentage, wherein the loopholes detected automatically depend on an automatic scanning tool, the value of the loopholes detected by the artificial penetration test is higher, the total score of the loopholes detected automatically is converted according to 30, and the total score of the loopholes detected by the artificial penetration test is converted according to 70, so that the reference score of the loopholes of three levels is obtained;
and (3) calculating an ith vulnerability benchmark score detected in an automatic mode:
wherein: m, n and k are respectively the low-risk, medium-risk and high-risk loopholes detected by the marker post unit in an automatic mode, A i 、B i 、C i A, single low-risk, medium-risk and high-risk vulnerability original scores detected in an automatic mode for a marker post unit i 、b i 、c i The method is characterized in that the method is a single low-risk, medium-risk and high-risk vulnerability benchmark score which is detected in an automatic mode for a marker post unit respectively;
calculating deviation reference points detected in an automatic mode:
when m is greater than 0, the value of m,
when m=0, the number of the m-groups,
when n is greater than 0, the number of times,
when n=0, the number of the n-type switches,
when k is greater than 0, the number of times,
when k= at the time of 0, the temperature of the liquid,
wherein: a ', b ', c ' are respectively low-risk, medium-risk and high-risk level vulnerability deviation benchmark scores detected by a marker post unit in an automatic mode;
calculating the ith vulnerability benchmark score detected by an artificial osmosis mode:
wherein: wherein: x, y and z are respectively the low-risk, medium-risk and high-risk loopholes detected by the marker post unit in an artificial permeation mode, D i 、E i 、F i The single low-risk, medium-risk and high-risk vulnerability original scores are detected by a standard pole unit in a manual permeation mode respectively, and d i 、e i 、f i The method is characterized in that single low-risk, medium-risk and high-risk vulnerability benchmark scores which are respectively detected by a marker post unit in a manual penetration mode are adopted;
calculating deviation reference points detected by an artificial infiltration mode:
when x is greater than 0 and is equal to x,
when x=0, the number of the groups,
when y is greater than 0, the value of y is greater than 0,
when y=0, the number of the groups,
when z is greater than 0, the number of times,
when z=0, the number of times,
wherein: d ', e ' and f ' are respectively low-risk, medium-risk and high-risk level vulnerability deviation standard scores detected by a marker post unit in a manual penetration mode;
(2) The factors for determining the detection difficulty of the target system are three, including the information degree, the protection strategy opening condition and the vulnerability security reinforcement condition; combining 3 factors according to 2 classifications, and deploying 8 kinds of target systems with difficult detection difficulty levels from easy to difficult by utilizing the characteristic of rapidly constructing a test network by using the attack and defense target field energy;
(3) L kinds of detection difficulty are selected from 8 kinds of detection difficulty, L is required to be more than or equal to 3, an security service manufacturer arranges that detection personnel can perform security detection in two modes of automatic detection and manual infiltration on a target system with one detection difficulty, detection is completed within a specified time, and for detected vulnerabilities, a vulnerability utilization mode is required to be provided, and after vulnerability validity verification is performed, an effective vulnerability set and an ineffective vulnerability set are obtained; the loopholes in the effective loopholes set can be in the benchmarking loopholes set or exceed the benchmarking loopholes set, and for the loopholes contained in the benchmarking loopholes set, adding the loopholes in the step (2) according to the deviation reference points; deducting the vulnerabilities in the invalid vulnerability set according to the deviation standard score to obtain a score of the corresponding detection difficulty of the security service manufacturer;
for the j detection difficulty, the security service manufacturer automatically detects the mode score:
wherein: u, v and w are respectively low-risk, medium-risk and high-risk loopholes which are detected by a security service manufacturer in an automatic mode and are contained in a target loophole set, u ', v' and w 'are respectively low-risk, medium-risk and high-risk loopholes which are detected by the security service manufacturer in an automatic mode and are not contained in the target loophole set, and u', v 'and w' are invalid low-risk, medium-risk and high-risk loopholes which are detected by the security service manufacturer in an automatic mode and are contained in a detection result;
for the j detection difficulty, the manual penetration detection mode of the security service manufacturer scores:
wherein: r, s and t are respectively low-risk, medium-risk and high-risk loopholes which are detected by a security service manufacturer in a manual permeation mode and are contained in a marker post loophole set, r ', s' and t 'are respectively low-risk, medium-risk and high-risk loopholes which are detected by the security service manufacturer in the manual permeation mode and are not contained in the marker post loophole set, and r', s 'and t' are invalid low-risk, medium-risk and high-risk loopholes which are detected by the security service manufacturer in the manual permeation mode;
for the j detection difficulty, the security service manufacturer scores:
p j =g j +h j (21)
(4) In order to reduce the randomness of the detection result, carrying out arithmetic average on the scores of N detection difficulties to obtain a final score of the safety manufacturer capability test;
and finally, the score lambda of the security service manufacturer is compared with the capability class dividing table to obtain the capability test result of the security service manufacturer.
2. The method according to claim 1, wherein the capability inspection of the security service manufacturer is directed to batch security inspection personnel, the inspection difficulty is notified to the inspection personnel or not, the same inspection personnel is directed to different inspection difficulties, the detected vulnerabilities may be different, and the inspection result of the capability of the security service manufacturer may be different.
3. The method of claim 1, wherein the security service vendor capability test score exceeds 100 if the security service vendor test result vulnerability set exceeds the benchmarking vulnerability set.
CN202210689890.6A 2022-06-17 2022-06-17 Method for checking capability of security service manufacturer Active CN115102751B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210689890.6A CN115102751B (en) 2022-06-17 2022-06-17 Method for checking capability of security service manufacturer

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210689890.6A CN115102751B (en) 2022-06-17 2022-06-17 Method for checking capability of security service manufacturer

Publications (2)

Publication Number Publication Date
CN115102751A CN115102751A (en) 2022-09-23
CN115102751B true CN115102751B (en) 2023-09-15

Family

ID=83291517

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210689890.6A Active CN115102751B (en) 2022-06-17 2022-06-17 Method for checking capability of security service manufacturer

Country Status (1)

Country Link
CN (1) CN115102751B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101119236A (en) * 2006-07-31 2008-02-06 中国航天科技集团公司第五研究院第五一○研究所 Network safety integrated estimation system
CN102664876A (en) * 2012-04-10 2012-09-12 星云融创(北京)科技有限公司 Method and system for detecting network security
WO2014107104A1 (en) * 2013-01-02 2014-07-10 Netpeas S.A. System and method for the scoring, evaluation and ranking of the assets of the information system
CN105635121A (en) * 2015-12-23 2016-06-01 赛尔网络有限公司 Vulnerability severity level distribution statistical method based on manufacturers, device and system
CN111199042A (en) * 2019-12-17 2020-05-26 中国南方电网有限责任公司超高压输电公司 Safe and efficient vulnerability management system
CN112131574A (en) * 2020-09-16 2020-12-25 上海中通吉网络技术有限公司 Method, system and equipment for determining information security vulnerability level
CN113704767A (en) * 2021-08-10 2021-11-26 北京凌云信安科技有限公司 Vulnerability scanning engine and vulnerability worksheet management fused vulnerability management system
WO2022042010A1 (en) * 2020-08-27 2022-03-03 山东英信计算机技术有限公司 Vulnerability processing method, apparatus and device, and computer-readable storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4819542B2 (en) * 2006-03-24 2011-11-24 株式会社日立製作所 Biometric authentication system and method with vulnerability verification
US10290001B2 (en) * 2014-10-28 2019-05-14 Brighterion, Inc. Data breach detection
CN104540134B (en) * 2014-12-03 2018-07-06 北京奇安信科技有限公司 Wireless access node detection method, wireless network detecting system and server
US10791137B2 (en) * 2018-03-14 2020-09-29 Synack, Inc. Risk assessment and remediation

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101119236A (en) * 2006-07-31 2008-02-06 中国航天科技集团公司第五研究院第五一○研究所 Network safety integrated estimation system
CN102664876A (en) * 2012-04-10 2012-09-12 星云融创(北京)科技有限公司 Method and system for detecting network security
WO2014107104A1 (en) * 2013-01-02 2014-07-10 Netpeas S.A. System and method for the scoring, evaluation and ranking of the assets of the information system
CN105635121A (en) * 2015-12-23 2016-06-01 赛尔网络有限公司 Vulnerability severity level distribution statistical method based on manufacturers, device and system
CN111199042A (en) * 2019-12-17 2020-05-26 中国南方电网有限责任公司超高压输电公司 Safe and efficient vulnerability management system
WO2022042010A1 (en) * 2020-08-27 2022-03-03 山东英信计算机技术有限公司 Vulnerability processing method, apparatus and device, and computer-readable storage medium
CN112131574A (en) * 2020-09-16 2020-12-25 上海中通吉网络技术有限公司 Method, system and equipment for determining information security vulnerability level
CN113704767A (en) * 2021-08-10 2021-11-26 北京凌云信安科技有限公司 Vulnerability scanning engine and vulnerability worksheet management fused vulnerability management system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Intranet网络架构安全评估;杨楚华;;网络安全和信息化(04);全文 *
基于BiLSTM模型的漏洞检测;龚扣林;周宇;丁笠;王永超;;计算机科学(05);全文 *
漏洞自动化跟踪系统模型研究;宋岍龙;许敬伟;周乐坤;魏丽丽;邓晓东;;电脑编程技巧与维护(04);全文 *

Also Published As

Publication number Publication date
CN115102751A (en) 2022-09-23

Similar Documents

Publication Publication Date Title
CN106600095B (en) Reliability-based maintenance assessment method
CN107819771B (en) Information security risk assessment method and system based on asset dependency relationship
Hug et al. Vulnerability assessment of AC state estimation with respect to false data injection cyber-attacks
CN110324316A (en) A kind of industry control anomaly detection method based on a variety of machine learning algorithms
CN109347823B (en) CAN bus abnormality detection method based on information entropy
CN109064018A (en) A kind of information security risk evaluation system and method
CN113434866B (en) Unified risk quantitative evaluation method for instrument function safety and information safety strategies
CN111641637B (en) Edge node calculation result credibility judgment method based on trust evaluation
CN115102751B (en) Method for checking capability of security service manufacturer
CN111126832A (en) Automobile information safety test evaluation method
CN106997437A (en) A kind of system vulnerability means of defence and device
CN102360485B (en) Software method and system for incremental risk evaluation
CN107347074A (en) A kind of method for determining network equipment security
CN103970129A (en) Control valve adhesion detecting method
CN114491561A (en) Method and device for evaluating security vulnerability processing priority
CN115225402A (en) New energy information security risk management system and method based on ISMS model
CN115689372A (en) Vulnerability estimation method and system for circumferential weld of oil and gas pipeline
CN115860455A (en) Transformer substation asset monitoring risk assessment method
CN102708041A (en) Method for calculating minimal software believability test case number
CN114756870A (en) Multi-dimensional information security risk assessment system based on SoS system
CN114022022A (en) Industrial network security risk assessment method, device, equipment and storage medium
CN115580426A (en) 5G power service system threat detection method, system, memory and equipment
CN108470229A (en) One kind being based on CpkThe reliability of bulk article enter detecting method
McCann et al. In-line inspection performance verification
CN117692143B (en) Communication key management method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant