CN117150506A - Vulnerability full life cycle management operation system and method - Google Patents
- Publication number
- CN117150506A (CN202311132894.5A)
- Authority
- CN
- China
- Prior art keywords
- vulnerability
- module
- information
- code
- report
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Abstract
The application relates to a vulnerability whole life cycle management operation system, which relates to the technical field of information security, and comprises a vulnerability discovery module, a vulnerability detection module and a vulnerability management module, wherein the vulnerability discovery module is used for collecting system information of a target system and carrying out vulnerability scanning to discover vulnerabilities; the vulnerability verification module is used for verifying the vulnerability discovered by the vulnerability discovery module and outputting a verification result; the vulnerability reporting module is used for sending a vulnerability report when the verification result output by the vulnerability verification module is that a vulnerability exists; the vulnerability report comprises a vulnerability name, a vulnerability type and a vulnerability occurrence number; and the operation management module is used for receiving the vulnerability report sent by the vulnerability report module and classifying and archiving the vulnerabilities based on the vulnerability report.
Description
Technical Field
The application relates to the technical field of system security, in particular to a vulnerability full life cycle management operation system and method.
Background
During the operation of an application system, some vulnerabilities may be found, which may occur in specific implementations of hardware, software, protocols, or system security policies. An attacker can exploit these vulnerabilities to gain unauthorized access to the system or to destroy it.
To detect these vulnerabilities, scanning is typically performed using vulnerability scanning software. However, vulnerability scanning tools often have a false positive problem, i.e., there may be some false reports in the scanned vulnerability list. In order to find the false positives, the vulnerability list has to be checked manually one by one, but this method has low accuracy and consumes a lot of manpower. Meanwhile, the full life cycle of the vulnerability cannot be managed.
How to manage the whole life cycle of the vulnerability is a technical difficulty that needs to be overcome in the field.
Disclosure of Invention
In order to at least partially solve the above technical problems, the present application provides a vulnerability whole life cycle management operation system and method.
In a first aspect, the vulnerability whole life cycle management operation system provided by the application adopts the following technical scheme.
A vulnerability full lifecycle management operation system, comprising:
the vulnerability discovery module is used for collecting system information of the target system and carrying out vulnerability scanning to discover vulnerabilities;
the vulnerability verification module is used for verifying the vulnerability discovered by the vulnerability discovery module and outputting a verification result;
the vulnerability reporting module is used for sending a vulnerability report when the verification result output by the vulnerability verification module is that a vulnerability exists; the vulnerability report comprises a vulnerability name, a vulnerability type and a vulnerability occurrence number;
and the operation management module is used for receiving the vulnerability report sent by the vulnerability reporting module and classifying and archiving the vulnerabilities based on the vulnerability report.
Optionally, the system information includes system architecture information; the system architecture information comprises a plurality of modules forming a system and information transfer relations among the modules;
the performing vulnerability scanning to find vulnerabilities includes:
constructing information transmission chains among a plurality of modules according to the transmission direction of the business information flow; in the business information flow transmission direction, the module that receives the information is the head end and the module that finally receives and processes the information is the tail end;
obtaining the number of occurrences of each module based on all the information transmission chains;
and carrying out vulnerability detection on each module in turn, in descending order of the number of occurrences.
Optionally, performing vulnerability detection on each module includes:
S301, selecting the nth module in the order of the number of occurrences; initially, n=1;
S302, acquiring the test case code of the nth module;
S303, testing the test case code through a fuzz testing algorithm to judge whether an error code exists;
S3031, if no error code is found, adding 1 to n and returning to S301;
S3032, if an error code is found, analyzing the found error code to obtain the vulnerability of the nth module, adding 1 to n, and returning to S301.
Optionally, testing the test case code by a fuzz testing algorithm to determine whether an error code exists includes:
acquiring a test code through a code acquisition tool; the code acquisition tool comprises a text editor and an online code library;
selecting a test case code based on the function of the module and the boundary condition of the code;
running the test case code and randomly inputting a character string to obtain an output result;
checking whether the output result is correct through the fuzz testing algorithm and outputting an error counter result.
Optionally, after obtaining the vulnerability of the nth module, the method further includes:
judging whether the vulnerability of the nth module is a known vulnerability;
if not, generating and sending a repair instruction; the repair instruction is used for prompting the vulnerability repair;
and receiving an externally sent patch to repair the vulnerability and storing the patch in the operation management module.
Optionally, the verifying the vulnerability discovered by the vulnerability discovery module and outputting a verification result includes:
receiving vulnerability information sent by the vulnerability discovery module;
obtaining the type and the feature of the vulnerability through the vulnerability information;
matching corresponding vulnerability libraries based on the types of the vulnerabilities;
comparing the vulnerability features with the vulnerabilities in the vulnerability library, and judging whether the vulnerability features match one of the vulnerabilities in the vulnerability library; if they match, the verification result is that the vulnerability exists.
Optionally, the vulnerability reporting module is further configured to:
and respectively counting the vulnerability names, the vulnerability types and the vulnerability occurrence times and generating a visual chart.
Optionally, the system further comprises an early warning module, which is used for sending early warning information to an external terminal when the number of vulnerabilities of one vulnerability type is larger than a preset value.
The application also provides a vulnerability whole life cycle management operation method, which comprises the following steps:
collecting system information of a target system and performing vulnerability scanning to find vulnerabilities;
verifying the vulnerabilities discovered by the vulnerability discovery module and outputting a verification result;
when the verification result output by the vulnerability verification module is that a vulnerability exists, sending a vulnerability report; the vulnerability report comprises a vulnerability name, a vulnerability type and a vulnerability occurrence number;
and receiving a vulnerability report sent by the vulnerability reporting module and classifying and archiving the vulnerabilities based on the vulnerability report.
Optionally, the system information includes system architecture information; the system architecture information comprises a plurality of modules forming a system and information transfer relations among the modules;
the performing vulnerability scanning to find vulnerabilities includes:
constructing information transmission chains among a plurality of modules according to the transmission direction of the business information flow; in the business information flow transmission direction, the module that receives the information is the head end and the module that finally receives and processes the information is the tail end;
obtaining the number of occurrences of each module based on all the information transmission chains;
and carrying out vulnerability detection on each module in turn, in descending order of the number of occurrences.
Drawings
FIG. 1 is a system block diagram of a vulnerability whole life cycle management operation system according to an embodiment of the present application;
in the figure, 101, a vulnerability discovery module; 102. a vulnerability verification module; 103. a vulnerability reporting module; 104. an operation management module; 105. and an early warning module.
Detailed Description
The application is further illustrated by the following description of the specific embodiments in conjunction with the accompanying drawings of fig. 1:
first, what needs to be described here is: in the description of the present application, terms such as "center," "upper," "lower," "left," "right," "vertical," "horizontal," "inner," "outer," and the like are used for convenience of description only as regards orientation or positional relationship as shown in the accompanying drawings, and do not denote or imply that the apparatus or element in question must have a particular orientation, be constructed and operated in a particular orientation, and thus should not be construed as limiting the present application; moreover, the numerical terms such as the terms "first," "second," "third," etc. are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. In addition, unless explicitly stated or limited otherwise, the terms "mounted," "connected," and "connected" should be construed broadly, and may be, for example, a fixed connection, a releasable connection, an interference fit, a transition fit, or an integral connection; can be directly connected or indirectly connected through an intermediate medium; the specific meaning of the above terms in the present application will be understood by those skilled in the art according to the specific circumstances.
The embodiment of the application discloses a vulnerability full life cycle management operation system. Referring to fig. 1, as an embodiment of a vulnerability whole life cycle management operation system, a vulnerability whole life cycle management operation system includes:
the vulnerability discovery module 101 is configured to collect system information of a target system and perform vulnerability scanning to discover vulnerabilities;
the vulnerability verification module 102 is configured to verify the vulnerability discovered by the vulnerability discovery module 101 and output a verification result;
the vulnerability reporting module 103 is configured to send a vulnerability report when the verification result output by the vulnerability verification module 102 is that a vulnerability exists; the vulnerability report comprises a vulnerability name, a vulnerability type and a vulnerability occurrence number;
and the operation management module 104 is configured to receive the vulnerability report sent by the vulnerability reporting module 103 and classify and archive vulnerabilities based on the vulnerability report.
Specifically, vulnerabilities in the target system are found through vulnerability scanning, so that security problems in the system are found in time and the vulnerabilities are prevented from being maliciously exploited. The discovered vulnerabilities are verified to avoid false positives and missed reports. When the verification result is that a vulnerability exists, a vulnerability report is generated, and the vulnerabilities are classified and archived according to the report. This makes it easy to understand the vulnerability status of the system and to manage and maintain it effectively.
As a specific implementation mode of the vulnerability whole life cycle management operation system, the system information comprises system architecture information; the system architecture information comprises a plurality of modules forming a system and information transfer relations among the modules;
the performing vulnerability scanning to find vulnerabilities includes:
constructing information transmission chains among a plurality of modules according to the transmission direction of the business information flow; in the business information flow transmission direction, the module that receives the information is the head end and the module that finally receives and processes the information is the tail end;
obtaining the number of occurrences of each module based on all the information transmission chains;
and carrying out vulnerability detection on each module in turn, in descending order of the number of occurrences.
Specifically, carrying out vulnerability detection on each module in turn, in descending order of the number of occurrences, means that important modules are tested first and vulnerability detection is more targeted.
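The chain construction and ordering described above can be sketched as follows. This is an added example, not code from the application: the module names and edges are constructed, chains are taken to be simple paths from a module with no sender to a module with no onward transfer, and the alphabetical tie-break is an assumption because the text does not say how equal counts are ordered.

```python
from collections import Counter

# Constructed sample architecture: (sender, receiver) pairs of an imaginary shop.
SAMPLE_EDGES = [
    ("gateway", "auth"), ("auth", "orders"), ("auth", "profile"),
    ("orders", "payment"), ("orders", "inventory"),
    ("upload", "scanner"), ("scanner", "storage"), ("profile", "storage"),
]


def build_chains(edges, max_chains=10_000):
    """Enumerate every information transmission chain as a head-to-tail path.

    Head end: a module that no other module sends to.
    Tail end: a module with no onward transfer left to follow.
    """
    successors, modules, has_sender = {}, set(), set()
    for sender, receiver in edges:
        successors.setdefault(sender, []).append(receiver)
        modules.update((sender, receiver))
        has_sender.add(receiver)

    chains = []

    def walk(module, path):
        # Skip modules already on this chain so a feedback loop cannot recurse forever.
        onward = [m for m in successors.get(module, []) if m not in path]
        if not onward:
            if len(chains) >= max_chains:
                raise RuntimeError("too many chains; simplify the architecture model")
            chains.append(path)
            return
        for nxt in onward:
            walk(nxt, path + (nxt,))

    for head in sorted(modules - has_sender):
        walk(head, (head,))
    return chains


def detection_order(edges):
    """Return [(module, occurrences)] sorted from most to fewest occurrences."""
    counts = Counter(m for chain in build_chains(edges) for m in chain)
    # Tie-break by name: an assumption, the text does not order equal counts.
    return sorted(counts.items(), key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    for module, occurrences in detection_order(SAMPLE_EDGES):
        print(f"{occurrences:2d}  {module}")
```

Modules shared by many chains (here `auth` and `gateway`) come first, which matches the stated aim of testing the most heavily traversed modules before the rest.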
As a specific implementation mode of the vulnerability whole life cycle management operation system, the vulnerability detection for each module comprises the following steps:
S301, selecting the nth module in the order of the number of occurrences; initially, n=1;
S302, acquiring the test case code of the nth module;
S303, testing the test case code through a fuzz testing algorithm to judge whether an error code exists;
S3031, if no error code is found, adding 1 to n and returning to S301;
S3032, if an error code is found, analyzing the found error code to obtain the vulnerability of the nth module, adding 1 to n, and returning to S301.
Specifically, fuzz testing is an automated software testing method that triggers potential vulnerabilities in software by generating random or pseudo-random input data. Many common software vulnerabilities can be detected using fuzz testing algorithms, such as buffer overflows, null pointer dereferences and format string attacks. The test case code is tested through a fuzz testing algorithm to judge whether an error code exists. If no error code is found, 1 is added to n and the process returns to S301; if an error code is found, the found error code is analyzed to obtain the vulnerability of the nth module. Performing vulnerability detection on each module in this way helps developers quickly find and repair potential vulnerabilities in software.
As a specific implementation mode of the vulnerability whole life cycle management operation system, testing the test case code through a fuzz testing algorithm to judge whether an error code exists comprises:
acquiring a test code through a code acquisition tool; the code acquisition tool comprises a text editor and an online code library;
selecting a test case code based on the function of the module and the boundary condition of the code;
running the test case code and randomly inputting a character string to obtain an output result;
checking whether the output result is correct through the fuzz testing algorithm and outputting an error counter result.
Specifically, testing the test case code through a fuzz testing algorithm makes it possible to find and judge automatically whether error codes exist, which improves the accuracy and efficiency of vulnerability detection. Acquiring the test code through the code acquisition tool makes the code of the module convenient to obtain. Checking whether the output result is correct through the fuzz testing algorithm and outputting the error counter result allows vulnerabilities to be identified and recorded quickly, which facilitates subsequent repair and follow-up.
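The S301 to S3032 loop with random string input and an error counter, as an added example that is not code from the application. The two parsers, the `<len>:<payload>;` format, the alphabet and the module names are constructed; the correctness check is assumed to be "the test case either returns or rejects the input with `ValueError`", so any other exception counts as an error.

```python
import random
from collections import Counter

ALPHABET = "0123456789:;ab"  # constructed input alphabet for the random strings


def parse_checked(text):
    """Parse '<len>:<payload>;' and reject anything malformed with ValueError."""
    head, sep, body = text.partition(":")
    if not sep or not head.isdigit():
        raise ValueError("malformed header")
    length = int(head)
    if len(body) <= length or body[length] != ";":
        raise ValueError("length does not match payload")
    return body[:length]


def parse_unchecked(text):
    """Same format, but trusts the length field (deliberate bug for the demo)."""
    head, sep, body = text.partition(":")
    if not sep or not head.isdigit():
        raise ValueError("malformed header")
    length = int(head)
    if body[length] != ";":  # IndexError when the payload is shorter than declared
        raise ValueError("missing terminator")
    return body[:length]


# Hypothetical mapping from module name to its test case code (S302).
TEST_CASES = {"gateway": parse_checked, "orders": parse_unchecked, "storage": parse_checked}


def fuzz_module(target, rng, iterations=500):
    """Feed random strings to one test case and collect unexpected failures."""
    errors = []
    for _ in range(iterations):
        text = "".join(rng.choice(ALPHABET) for _ in range(rng.randint(0, 8)))
        try:
            target(text)
        except ValueError:
            continue  # documented rejection of bad input: output is correct
        except Exception as exc:  # anything else is counted as an error
            errors.append((text, type(exc).__name__))
    return errors


def detect_in_order(ordered_modules, test_cases, seed=1234):
    """Run S301..S3032 over modules already sorted by occurrence count."""
    rng = random.Random(seed)  # fixed seed so a finding can be reproduced
    findings = {}
    n = 1
    while n <= len(ordered_modules):           # S301: select the nth module
        name = ordered_modules[n - 1]
        errors = fuzz_module(test_cases[name], rng)  # S302 + S303
        if errors:                              # S3032: analyse what was found
            findings[name] = {
                "error_count": len(errors),
                "kinds": dict(Counter(kind for _, kind in errors)),
                "sample": errors[0][0],         # one input that reproduces it
            }
        n += 1                                  # S3031 / S3032: next module
    return findings


if __name__ == "__main__":
    print(detect_in_order(["gateway", "orders", "storage"], TEST_CASES))
```

Keeping one reproducing input per module and a fixed seed is what makes the error counter actionable: the finding can be replayed when the repair is verified.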
As a specific implementation mode of the vulnerability full life cycle management operation system, after obtaining the vulnerability of the nth module, the vulnerability full life cycle management operation system further comprises:
judging whether the vulnerability of the nth module is a known vulnerability;
if not, generating and sending a repair instruction; the repair instruction is used for prompting the vulnerability repair;
and receiving an externally sent patch to repair the vulnerability and storing the patch in the operation management module 104.
Specifically, the system determines whether the vulnerability of the nth module is a known vulnerability. If it is a known vulnerability, the system may already have a patch for it and directly sends the instruction. If the vulnerability is not known, the system generates a repair instruction, which is used to prompt vulnerability repair and may be sent to the user as text, mail, a message, etc. After receiving the repair instruction, the user repairs the vulnerability. The system then receives the externally sent patch to repair the vulnerability, stores the received patch in the operation management module 104, and records the repair history of the vulnerability, which facilitates subsequent vulnerability management.
As one embodiment of a vulnerability whole life cycle management operation system, the verifying the vulnerability discovered by the vulnerability discovery module 101 and outputting a verification result includes:
receiving vulnerability information sent by the vulnerability discovery module 101;
obtaining the type and the feature of the vulnerability through the vulnerability information;
matching corresponding vulnerability libraries based on the types of the vulnerabilities;
comparing the vulnerability features with the vulnerabilities in the vulnerability library, and judging whether the vulnerability features match one of the vulnerabilities in the vulnerability library; if they match, the verification result is that the vulnerability exists.
As one embodiment of a vulnerability whole life cycle management operation system, the vulnerability reporting module 103 is further configured to:
and respectively counting the vulnerability names, the vulnerability types and the vulnerability occurrence times and generating a visual chart.
As one embodiment of the vulnerability whole life cycle management operation system, the system further comprises an early warning module 105, the early warning module 105 being configured to send early warning information to an external terminal when the number of vulnerabilities of one vulnerability type is larger than a preset value.
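Verification against a per-type vulnerability library, report counting and the early warning threshold, as an added example that is not code from the application. The libraries, feature labels and findings are constructed, and "match" is assumed to mean that every feature of a library entry is present in the finding, since the text does not define the comparison.

```python
from collections import Counter

# Constructed sample libraries, one per vulnerability type.
VULN_LIBRARIES = {
    "injection": [
        {"name": "SQL injection", "features": {"unsanitized-input", "sql-sink"}},
        {"name": "OS command injection", "features": {"unsanitized-input", "shell-sink"}},
    ],
    "memory": [
        {"name": "Out-of-bounds read", "features": {"unchecked-length", "index-from-input"}},
    ],
}

# Constructed findings as the discovery module might hand them over.
SAMPLE_FINDINGS = [
    {"module": "orders", "type": "injection",
     "features": ["unsanitized-input", "sql-sink", "http-param"]},
    {"module": "profile", "type": "injection",
     "features": ["unsanitized-input", "sql-sink"]},
    {"module": "upload", "type": "injection",
     "features": ["unsanitized-input", "shell-sink"]},
    {"module": "storage", "type": "memory", "features": ["unchecked-length"]},
    {"module": "auth", "type": "crypto", "features": ["static-iv"]},
]


def verify(finding, libraries=VULN_LIBRARIES):
    """Return the matched library name, or None when verification fails."""
    observed = set(finding["features"])
    # Select the library by type first, then compare features inside it.
    for entry in libraries.get(finding["type"], []):
        if entry["features"] <= observed:  # assumed match rule: subset
            return entry["name"]
    return None


def build_report(findings):
    """Count verified vulnerabilities by (name, type); keep the rest for triage."""
    counts, unverified = Counter(), []
    for finding in findings:
        name = verify(finding)
        if name is None:
            unverified.append(finding)  # not dropped: may be an unknown issue
        else:
            counts[(name, finding["type"])] += 1
    rows = [{"name": n, "type": t, "occurrences": c}
            for (n, t), c in counts.most_common()]
    return rows, unverified


def early_warnings(rows, preset_value):
    """Return the vulnerability types whose total count exceeds the preset value."""
    per_type = Counter()
    for row in rows:
        per_type[row["type"]] += row["occurrences"]
    return sorted(t for t, total in per_type.items() if total > preset_value)


if __name__ == "__main__":
    report, leftover = build_report(SAMPLE_FINDINGS)
    print(report, [f["module"] for f in leftover], early_warnings(report, 2))
```

The comparison is strict, as in the text: a type with exactly the preset number of vulnerabilities does not raise a warning.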
The embodiment of the application also discloses a vulnerability whole life cycle management operation method, which comprises the following steps:
collecting system information of a target system and performing vulnerability scanning to find vulnerabilities;
verifying the vulnerabilities discovered by the vulnerability discovery module and outputting a verification result;
when the verification result output by the vulnerability verification module is that a vulnerability exists, sending a vulnerability report; the vulnerability report comprises a vulnerability name, a vulnerability type and a vulnerability occurrence number;
and receiving a vulnerability report sent by the vulnerability reporting module and classifying and archiving the vulnerabilities based on the vulnerability report.
As one implementation mode of the vulnerability whole life cycle management operation method, the system information comprises system architecture information; the system architecture information comprises a plurality of modules forming a system and information transfer relations among the modules;
the performing vulnerability scanning to find vulnerabilities includes:
constructing information transmission chains among a plurality of modules according to the transmission direction of the business information flow; in the business information flow transmission direction, the module that receives the information is the head end and the module that finally receives and processes the information is the tail end;
obtaining the number of occurrences of each module based on all the information transmission chains;
and carrying out vulnerability detection on each module in turn, in descending order of the number of occurrences.
As one embodiment of a vulnerability whole life cycle management operation method, performing vulnerability detection on each module includes:
S301, selecting the nth module in the order of the number of occurrences; initially, n=1;
S302, acquiring the test case code of the nth module;
S303, testing the test case code through a fuzz testing algorithm to judge whether an error code exists;
S3031, if no error code is found, adding 1 to n and returning to S301;
S3032, if an error code is found, analyzing the found error code to obtain the vulnerability of the nth module, adding 1 to n, and returning to S301.
As one implementation mode of the vulnerability whole life cycle management operation method, testing the test case code through a fuzz testing algorithm to judge whether an error code exists comprises:
acquiring a test code through a code acquisition tool; the code acquisition tool comprises a text editor and an online code library;
selecting a test case code based on the function of the module and the boundary condition of the code;
running the test case code and randomly inputting a character string to obtain an output result;
checking whether the output result is correct through the fuzz testing algorithm and outputting an error counter result.
As one embodiment of the vulnerability whole life cycle management operation method, after obtaining the vulnerability of the nth module, the method further includes:
judging whether the vulnerability of the nth module is a known vulnerability;
if not, generating and sending a repair instruction; the repair instruction is used for prompting the vulnerability repair;
and receiving an externally sent patch to repair the vulnerability and storing the patch in the operation management module.
As one embodiment of the vulnerability whole life cycle management operation method, the verifying the vulnerability discovered by the vulnerability discovery module and outputting a verification result includes:
receiving the vulnerability information;
obtaining the type and the feature of the vulnerability through the vulnerability information;
matching corresponding vulnerability libraries based on the types of the vulnerabilities;
comparing the vulnerability features with the vulnerabilities in the vulnerability library, and judging whether the vulnerability features match one of the vulnerabilities in the vulnerability library; if they match, the verification result is that the vulnerability exists.
As one embodiment of the vulnerability whole life cycle management operation method, the method further includes:
and respectively counting the vulnerability names, the vulnerability types and the vulnerability occurrence times and generating a visual chart.
As one embodiment of the vulnerability whole life cycle management operation method, the method further includes: when the number of vulnerabilities of one vulnerability type is larger than a preset value, sending early warning information to an external terminal.
The embodiment of the application also discloses electronic equipment.
Specifically, the device comprises a memory and a processor, wherein the memory stores a computer program capable of being loaded by the processor and executing any one of the vulnerability whole life cycle management operation methods.
The embodiment of the application also discloses a computer readable storage medium. Specifically, the computer readable storage medium stores a computer program that can be loaded by a processor and execute any one of the vulnerability whole life cycle management operation methods described above, and the computer readable storage medium includes, for example: a U-disk, a removable hard disk, a Read-only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
It should be noted that: the above embodiments are only for illustrating the present application and not for limiting the technical solutions described in the present application, and although the present application has been described in detail with reference to the above embodiments, it should be understood by those skilled in the art that the present application may be modified or substituted by the same, and all the technical solutions and modifications thereof without departing from the spirit and scope of the present application are intended to be included in the scope of the claims of the present application.
Claims (10)
1. A vulnerability full lifecycle management operation system, comprising:
the vulnerability discovery module is used for collecting system information of the target system and carrying out vulnerability scanning to discover vulnerabilities;
the vulnerability verification module is used for verifying the vulnerability discovered by the vulnerability discovery module and outputting a verification result;
the vulnerability reporting module is used for sending a vulnerability report when the verification result output by the vulnerability verification module is that a vulnerability exists; the vulnerability report comprises a vulnerability name, a vulnerability type and a vulnerability occurrence number;
and the operation management module is used for receiving the vulnerability report sent by the vulnerability report module and classifying and archiving the vulnerabilities based on the vulnerability report.
2. The vulnerability whole life cycle management operation system of claim 1, wherein the system information comprises system architecture information; the system architecture information comprises a plurality of modules forming a system and information transfer relations among the modules;
the performing vulnerability scanning to find vulnerabilities includes:
constructing information transmission chains among a plurality of modules according to the transmission direction of the business information flow; in the business information flow transmission direction, the module that receives the information is the head end and the module that finally receives and processes the information is the tail end;
obtaining the number of occurrences of each module based on all the information transmission chains;
and carrying out vulnerability detection on each module in turn, in descending order of the number of occurrences.
3. The vulnerability full lifecycle management operation system of claim 2, wherein performing vulnerability detection for each module comprises:
S301, selecting the nth module in the order of the number of occurrences; initially, n=1;
S302, acquiring the test case code of the nth module;
S303, testing the test case code through a fuzz testing algorithm to judge whether an error code exists;
S3031, if no error code is found, adding 1 to n and returning to S301;
S3032, if an error code is found, analyzing the found error code to obtain the vulnerability of the nth module, adding 1 to n, and returning to S301.
4. The vulnerability whole life cycle management operation system of claim 3, wherein testing the test case code by a fuzz testing algorithm to determine whether an error code exists comprises:
acquiring a test code through a code acquisition tool; the code acquisition tool comprises a text editor and an online code library;
selecting a test case code based on the function of the module and the boundary condition of the code;
running the test case code and randomly inputting a character string to obtain an output result;
checking whether the output result is correct through the fuzz testing algorithm and outputting an error counter result.
5. The vulnerability full life cycle management operation system of claim 3, further comprising, after obtaining the vulnerability of the nth module:
judging whether the vulnerability of the nth module is a known vulnerability;
if not, generating a repair instruction to be sent; the repair instruction is used to prompt repair of the vulnerability;
and receiving an externally sent patch to repair the vulnerability, and storing the patch in the operation management module.
6. The vulnerability full life cycle management operation system of claim 5, wherein verifying the vulnerability discovered by the vulnerability discovery module and outputting the verification result comprises:
receiving vulnerability information sent by the vulnerability discovery module;
obtaining the type and the features of the vulnerability from the vulnerability information;
matching the corresponding vulnerability library based on the type of the vulnerability;
comparing the vulnerability features with the vulnerabilities in the vulnerability library, and judging whether the vulnerability features match one of the vulnerabilities in the vulnerability library; if they match, the verification result is that the vulnerability exists.
7. The vulnerability full life cycle management operation system of claim 6, wherein the vulnerability reporting module is further configured to:
count the vulnerability names, the vulnerability types and the numbers of vulnerability occurrences respectively, and generate a visual chart.
8. The vulnerability full life cycle management operation system of claim 7, further comprising an early warning module configured to: when the number of vulnerabilities of one vulnerability type is larger than a preset value, send early warning information to the external terminal.
9. A vulnerability full life cycle management operation method, comprising:
collecting system information of a target system and performing vulnerability scanning to find vulnerabilities;
verifying the vulnerabilities discovered by the vulnerability discovery module and outputting a verification result;
when the verification result output by the vulnerability verification module is that a vulnerability exists, sending a vulnerability report; the vulnerability report comprises a vulnerability name, a vulnerability type and a number of vulnerability occurrences;
and receiving the vulnerability report sent by the vulnerability reporting module and classifying and archiving the vulnerabilities based on the vulnerability report.
10. The vulnerability full life cycle management operation system of claim 9, wherein the system information comprises system architecture information; the system architecture information comprises a plurality of modules forming the system and the information transfer relations among the modules;
the performing vulnerability scanning to find vulnerabilities includes:
constructing information transmission chains among the plurality of modules according to the transmission direction of the business information flow; in the transmission direction of the business information flow, a module for receiving information is taken as the head end and the module that finally receives and processes the information is taken as the tail end;
obtaining the number of occurrences of each module based on all the information transmission chains;
and carrying out vulnerability detection on each module in turn, in descending order of the number of occurrences.
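The module ordering recited in claims 2 and 10 (and consumed by step S301 of claim 3), as an added example that is not part of the patent text. It assumes a head end is a module with no inbound transfer, that a chain ends where no onward module remains that is not already on the chain, and that ties are broken by name; the module names and transfer relations are constructed.

```python
from collections import Counter, defaultdict

# Constructed sample architecture; module names are hypothetical.
# Each pair (a, b) means module a passes business information to module b.
TRANSFERS = [
    ("gateway", "auth"), ("gateway", "upload"),
    ("auth", "orders"), ("auth", "profile"),
    ("upload", "orders"), ("scheduler", "orders"),
    ("orders", "billing"), ("profile", "billing"),
]


def build_chains(transfers):
    """Enumerate every head-to-tail information transmission chain."""
    successors = defaultdict(list)
    modules, has_inbound = set(), set()
    for src, dst in transfers:
        successors[src].append(dst)
        modules.update((src, dst))
        has_inbound.add(dst)
    # Assumption: a head end is a module that no other module sends to.
    heads = sorted(modules - has_inbound)
    chains = []

    def walk(path):
        onward = [m for m in successors[path[-1]] if m not in path]
        if not onward:  # tail end reached, or only back-edges (a cycle) remain
            chains.append(tuple(path))
            return
        for module in onward:
            walk(path + [module])

    for head in heads:
        walk([head])
    return chains


def scan_order(transfers):
    """Return (modules in descending occurrence order, occurrence counts)."""
    counts = Counter(m for chain in build_chains(transfers) for m in chain)
    # Assumption: ties are broken by module name so the order is deterministic.
    return sorted(counts, key=lambda m: (-counts[m], m)), counts


if __name__ == "__main__":
    order, counts = scan_order(TRANSFERS)
    for n, module in enumerate(order, start=1):  # n as in step S301
        print(n, module, counts[module])
```

The number of chains can grow exponentially in a densely connected architecture, and an architecture in which every module has an inbound transfer has no head end under this assumption and yields an empty order.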
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311132894.5A CN117150506A (en) | 2023-09-04 | 2023-09-04 | Vulnerability full life cycle management operation system and method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117150506A (en) | 2023-12-01 |
Family
ID=88911540
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311132894.5A (Pending), CN117150506A (en) | Vulnerability full life cycle management operation system and method | 2023-09-04 | 2023-09-04 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117150506A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||