KR102270915B1 - Method of providing user-customized vulnerability assessment result report for the security level of the inspection target that matches the asset management authority information - Google Patents

Abstract

The present invention relates to a method of making a weak point diagnosis result report and, more specifically, to a method which is performed by a weak point diagnosis result report making device to create a user-customized report about a security level of an inspection target matched with asset management right information of a user by receiving a report making request including the asset management right information from a user terminal. The method includes the following steps of: searching for a plurality of inspection targets matched with the asset management right information from weak point diagnosis result data including data by attribute, and creating a main template including security levels about the plurality of found inspection targets; creating a sub template including detailed information about an inspection target, having a security level no more than a preset level, of the plurality of inspection targets; forming a chart-type widget based on a preset selection area with respect to a data table included in at least one of the main template and the sub template; providing a diagnosis result report including the main template, the sub template and the widget to the user terminal; and editing the diagnosis result report based on a modification request received from the user terminal.

Description

{METHOD OF PROVIDING USER-CUSTOMIZED VULNERABILITY ASSESSMENT RESULT REPORT FOR THE SECURITY LEVEL OF THE INSPECTION TARGET THAT MATCHES THE ASSET MANAGEMENT AUTHORITY INFORMATION}

The present invention relates to a method for providing a user-customized vulnerability diagnosis result report for an inspection target that matches asset management authority information.

As a system through a network is generalized, checking and maintaining the security of assets included in the system has become an important issue.

In order to check the security of a system asset (hereinafter, a server to be diagnosed), a company (or a server for performing diagnosis) that specializes in diagnosing vulnerabilities on an asset is employed.

The diagnosis execution server provides a diagnosis result report on the vulnerability diagnosis result to the asset manager of the system after performing the vulnerability diagnosis on the assets of the system.

The asset manager reports the security status of the system's assets to the upper-level asset manager or final manager using the diagnosis result report provided.

However, depending on the size of the assets in the system, multiple asset managers may be deployed, and different asset management rights are given to each asset manager. Inconvenience of reprocessing may occur at the request of the manager.

The present invention for solving the above problems is a diagnostic result report writing device capable of creating a user-customized diagnosis result report matching the user's asset management authority, and editing the prepared diagnosis result report according to the user's request for correction; The purpose is to provide a method of writing.

The problems to be solved by the present invention are not limited to the problems mentioned above, and other problems not mentioned will be clearly understood by those skilled in the art from the following description.

A method for creating a vulnerability diagnosis result report according to an embodiment of the present invention for solving the above-described problems is performed by a vulnerability diagnosis result report writing apparatus, and a report preparation request including information on the user's asset management right is received from a user terminal. A method for receiving and generating a user-customized report on the security level of an inspection target that matches the asset management right information, wherein a plurality of inspection targets matching the asset management right information in vulnerability diagnosis result data including data for each attribute and generating a main template including security levels for a plurality of searched inspection targets; generating a sub-template including detailed information about an inspection target whose security level is less than or equal to a preset level among a plurality of searched inspection targets; forming a widget in a chart form based on a preset selection area for a data table included in at least one of the main template and the sub-template; and providing a diagnosis result report including the main template, the sub-template, and the widget to the user terminal. and editing the diagnosis result report based on the correction request received from the user terminal.

In addition, the step of searching for a plurality of inspection targets matching the asset management authority information in the vulnerability diagnosis result table including data for each attribute, and generating a main template including the security level for the plurality of inspection targets is the main The data table of the main template is generated by extracting data matching a plurality of searched inspection targets from among data included in a preset attribute to be included in the template, and matching the extracted data with preset location information.

In addition, the step of generating a sub-template including detailed information on an inspection target whose security level is lower than or equal to a preset level among a plurality of searched inspection targets includes: The data table of the sub-template is created by extracting data matching the inspection target that is below a set level, and matching the extracted data with preset location information.

In addition, the step of providing the diagnosis result report including the main template, the sub-template and the widget to the user terminal may include: a user interface capable of inputting a request for correction of the diagnosis result report together with the diagnosis result report; to provide a user interface).

In addition, the modification request includes a change request for an arrangement order of at least one of an attribute preset to be included in the main template and an attribute preset to be included in a sub-template, and based on the modification request received from the user terminal, The editing of the diagnosis result report may include editing the diagnosis result report according to the received request for change of the arrangement order.

In addition, when a widget is selected by the user terminal on the user interface, a selection area corresponding to the selected widget is displayed on at least one of the main template and sub-template, and the modification request is a widget according to the modification of the displayed selection area. and the editing of the diagnosis result report based on the correction request received from the user terminal includes editing the diagnosis result report according to the received correction request of the widget.

In addition, the inspection target includes a plurality of inspection groups different from each other, each of the plurality of inspection groups includes a plurality of different products, and the request for correction includes one of the inspection groups and products that do not match the asset management authority information. Including a request to add at least one main template, the editing of the diagnosis result report based on the modification request received from the user terminal includes editing the diagnosis result report according to the received additional request.

In addition, when a widget is selected by the user terminal on the user interface, at least one replacement widget having a shape different from that of the selected widget is displayed, and the modification request requests a change to any one of the at least one replacement widgets. wherein the editing of the diagnosis result report based on the correction request received from the user terminal includes editing the diagnosis result report according to the received change request.

In addition, the widget includes a security widget showing a security level, and based on a preset selection area for a data table included in at least one of the main template and the sub-template, forming a widget in a chart form includes: , the lower the security level, the lower the security widget, the higher the priority.

In addition to this, another method for implementing the present invention, another system, and a computer-readable recording medium for recording a computer program for executing the method may be further provided.

According to the present invention as described above, a customized diagnosis result report matching the user's asset management authority is generated, and since the generated diagnosis result report can be edited by the user on the provided editing UI, the report is performed using the diagnosis result report The user's convenience can be improved.

Effects of the present invention are not limited to the effects mentioned above, and other effects not mentioned will be clearly understood by those skilled in the art from the following description.

1 is a block diagram showing the configuration of an apparatus for generating a diagnosis result report according to an embodiment of the present invention.
FIG. 2 is a conceptual diagram illustrating a function of a main template generating module according to FIG. 1 .
3 is a conceptual diagram illustrating a function of a sub-template generating module according to FIG. 1 .
FIG. 4 is a conceptual diagram illustrating a function of the widget forming module according to FIG. 1 .
FIG. 5 is a conceptual diagram exemplarily illustrating a diagnosis result report formed by the diagnosis result report creation apparatus according to FIG. 1 .
6 and 7 are conceptual diagrams for explaining the function of the editing UI providing module according to FIG. 1 .
8 is a conceptual diagram illustrating a process of a method for preparing a diagnosis result report according to an embodiment of the present invention.

Advantages and features of the present invention and methods of achieving them will become apparent with reference to the embodiments described below in detail in conjunction with the accompanying drawings. However, the present invention is not limited to the embodiments disclosed below, but may be implemented in various different forms, and only these embodiments allow the disclosure of the present invention to be complete, and those of ordinary skill in the art to which the present invention pertains. It is provided to fully understand the scope of the present invention to those skilled in the art, and the present invention is only defined by the scope of the claims.

The terminology used herein is for the purpose of describing the embodiments and is not intended to limit the present invention. As used herein, the singular also includes the plural unless specifically stated otherwise in the phrase. As used herein, “comprises” and/or “comprising” does not exclude the presence or addition of one or more other components in addition to the stated components. Like reference numerals refer to like elements throughout, and "and/or" includes each and every combination of one or more of the recited elements. Although "first", "second", etc. are used to describe various elements, these elements are not limited by these terms, of course. These terms are only used to distinguish one component from another. Accordingly, it goes without saying that the first component mentioned below may be the second component within the spirit of the present invention.

Unless otherwise defined, all terms (including technical and scientific terms) used herein will have the meaning commonly understood by those of ordinary skill in the art to which this invention belongs. In addition, terms defined in a commonly used dictionary are not to be interpreted ideally or excessively unless specifically defined explicitly.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

Referring to FIG. 1 , an apparatus 20 for creating a diagnosis result report according to the present invention is configured to be able to communicate with a user terminal 10 .

In one embodiment, the user terminal 10 and the diagnostic result report writing apparatus 20 may include a control unit, a communication unit, and a memory for processing information.

The control unit, in hardware, ASICs (application specific integrated circuits), DSPs (digital signal processors), DSPDs (digital signal processing devices), PLDs (programmable logic devices), FPGAs (field programmable gate arrays), processors (processors), controller It may be implemented using at least one of controllers, micro-controllers, microprocessors, and other electrical units for performing functions.

In addition, in terms of software, embodiments such as procedures and functions described in this specification may be implemented as separate software modules. Each of the software modules may perform one or more functions and operations described herein.

have. The software code is a software application written in a suitable programming language, and the software code may be implemented. The software code may be stored in the memory and executed by the control unit.

The communication unit may be implemented through at least one of a wired communication module, a wireless communication module, and a short-range communication module. The wireless Internet module refers to a module for wireless Internet access and may be built-in or external to each device. Wireless Internet technologies include WLAN (Wireless LAN) (Wi-Fi), Wibro (Wireless broadband), Wimax (World Interoperability for Microwave Access), HSDPA (High Speed Downlink Packet Access), LTE (long term evolution), LTE-A (Long Term Evolution-Advanced) may be used.

The memory is a flash memory type, a hard disk type

disk type), multimedia card micro type, card type memory (such as SD or XD memory), random access memory (RAM), static random access memory (SRAM), read -only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), a magnetic memory, a magnetic disk, and an optical disk may include at least one type of storage medium.

The diagnosis result report writing apparatus 20 receives vulnerability diagnosis result data from a diagnosis execution server that performs vulnerability diagnosis on a vulnerability diagnosis target, and creates a diagnosis result report based on the received vulnerability diagnosis result data.

In addition, the diagnosis result report preparation device 20 receives the user's asset management right information from the user terminal 10 . The asset management authority information includes information on the list of assets managed by the user among the assets of the entire system.

In an embodiment, the diagnosis result report writing apparatus 20 may create a diagnosis result report by using only data about an asset that matches the user's asset management right information among the diagnosis result data.

In order to receive the diagnosis result data, the diagnosis result report preparation device 20 is communicatively connected to the diagnosis execution server. In one embodiment, the diagnosis result report creation device 20 and the diagnosis execution server may be configured as one device.

In addition, the diagnostic result report writing device 20 is configured to transmit the prepared diagnostic result report to the user terminal 10, and is provided to the user terminal 10 so that the user can edit the received diagnostic result report. ) is configured to provide

Also, the diagnosis result report creation device 20 is configured to receive correction request information for the diagnosis result report input by the user through the editing UI, and edit the diagnosis result report based on the received correction request information.

Hereinafter, with reference to FIG. 1 , an apparatus 20 for generating a diagnosis result report according to an embodiment of the present invention will be described.

1. Description of the diagnostic result report writing device 20 according to the embodiment of the present invention

Referring to FIG. 1 , the diagnostic result report writing device 20 includes a report writing unit 21 and a report editing unit 22 .

The report creation unit 21 is configured to create a diagnosis result report by using the vulnerability diagnosis result data received from the diagnosis execution server.

In an embodiment, the vulnerability diagnosis result data may be configured as a data table including data divided by a plurality of attributes.

Attributes include attributes related to inspection objects, attributes related to diagnostic items, and attributes related to diagnosis results.

Attributes related to the inspection object may include attributes such as inspection group, product, and classification item. The check group may include data such as an operating system (OS), a database (DB), and a network (NW). A product is a detailed attribute linked to an inspection group, and the product may include data corresponding to a detailed type of an operating system (OS) such as Linux and Windows 10. Similarly, MariaDB, Oracle, DB2, etc., which are specific types of database (DB), may be included as product attribute data. Classification items are detailed attributes related to products, meaning that products are classified in detail for diagnosis. For example, the category item is a detailed classification of Linux products for diagnosis, and account management, network service, log management, security patch, etc. may be included as data of the property of the category item.

The attributes related to the diagnostic items may include check items, the number of check items, and the like. The check item attribute may include as data the truth items corresponding to the data included in the attribute related to the inspection target. For example, when the diagnostic item attribute is linked with the file system data of the category attribute, the corresponding diagnostic item attribute may include data such as user UMASK setting and history file permission setting. In addition, the number of check items attribute is an attribute related to the diagnosis item attribute, and the number of diagnosis items attribute includes the number of data included in the diagnosis item attribute as data. For example, if 16 data are included in the diagnostic item attribute linked to the "file system" data of the category attribute, 16 is included as data in the number of diagnostic items attribute.

As an attribute related to the attribute related to the inspection target, the inspection result attribute is calculated using a preset pattern based on the importance of the data included in the attribute of the diagnosis item, the security status of the data included in the attribute of the diagnosis item, and the importance and security state. Security compliance rate and security level may be included.

(1) Description of the report preparation unit 21

To create a diagnosis result report based on the vulnerability diagnosis result data, the report preparation unit 21 includes a main template generating module 211 , a sub-template generating module 212 , and a widget forming module 213 .

Main template generation module (211)

Referring to FIG. 2 , the main template generating module 211 receives asset management right information from the user terminal 10 , and based on data matching the received asset management right information among data included in an attribute related to an inspection target to create the main template.

The main template may be configured using data included in an attribute related to an inspection target, an attribute related to a diagnosis item, and an attribute related to a diagnosis result.

Since both the attributes related to the diagnosis item and the attributes related to the diagnosis result are linked with the data included in the attributes related to the inspection target, the main template can be configured based on the data matching the asset management authority information.

The asset management right information includes information about the type of asset managed by the user. In the illustrated embodiment, the user may manage DB, OS, NW and WAS (Web Application Server). Also, the user can manage only the OS and, among other things, two Linux servers. Also, users can manage only one Linux server.

When the user manages the DB, OS, NW, and WAS (Web Application Server), the main template generation module 211 may search for data included in the check group attribute of the vulnerability diagnosis result data.

In the illustrated embodiment, referring to "Example 1" of the main template generated by the main template generating module 211, OS, DB, NW, and WAS data included in the check group attribute are included in the main template.

In addition, as the attributes associated with the data of the inspection group attribute, the inspection quantity, the number of inspection items, and the total number of inspection items attributes are preset, and the set attributes include data associated with the inspection group attribute data. Regarding 'OS' data, "2" data is included in the inspection quantity attribute, "84" data is included in the number of inspection items attribute, and "168" data is included in the total number of inspection items attribute.

In addition, as attributes related to inspection group attributes, good, weak, interview required, N/A, security compliance rate, and security level attributes are preset, and data of inspection group attribute and total number of inspection items attribute data are set in the set attributes. data associated with it.

Good, Weak, Interview Required, and N/A mean the security status of diagnostic items related to data included in the inspection group. In the illustrated embodiment, it can be seen that the number of items diagnosed as good, weak, interview required, and N/A are sequentially 150, 6, 2, and 10.

The security compliance rate represents a numerical value calculated based on the number of diagnostic items diagnosed with each security state and the importance of each diagnostic item.

The security level refers to the security status of the inspection group and is determined based on the security compliance rate. For example, 0 or more and less than 70 may be set as insufficient, 70 or more and less than 80 are normal, 80 or more and less than 90 may be set as good, and 90 or more as good.

In one embodiment, the security compliance rate may be calculated by dividing the number of diagnostic items diagnosed as good by the sum of the number of diagnostic items diagnosed as good, weak, interview required, and N/A, and reflecting weights according to importance. have. For example, when the importance of each diagnostic item is classified as high, medium, or low, the correction values of 3, 2, and 1 may be multiplied with respect to the diagnostic items having “high”, “medium”, and “low” importance. However, the present invention is not limited thereto.

Attributes included in the main template and linked to the inspection group may be changed according to a setting of the main template generating module 211 . For example, instead of an attribute including the number of diagnostic items diagnosed as good, weak, interview required, and N/A, an attribute in which diagnostic items diagnosed as vulnerable are classified according to importance may be set.

In the illustrated embodiment, referring to "Example 2" of the main template generated by the main template generating module 211, Linux data included in product properties is included in the main template, and properties preset to be included in the main template contains data corresponding to Linux data.

In the illustrated embodiment, referring to "Example 3" of the main template generated by the main template generating module 211, account management, network service, log management, security patch, and main application included in the category attribute in the main template. Settings and file system data are included, and data corresponding to account management, network service, log management, security patch, major application settings, and file system data are included in the properties preset to be included in the main template.

The main template generating module 211 forms the main template at a preset position of the diagnosis result report.

Information on the location of the main template is preset and stored in the memory of the diagnostic result report writing device 20, and the main template generating module 211 matches the asset management authority information and selects the selected attribute and data included in the attribute. The main template is formed by matching with the location information of the template.

In an embodiment, the location information may include a number of a page including a diagnosis result report and a location on the page. For example, the data included in the category attribute may be arranged to match B1:B5 of Sheet 1, and the data included in the number of check items attribute may be arranged to match and arranged to C1:C5 of Sheet 1.

Sub-template generation module (212)

Referring to FIG. 3 , the sub-template generating module 212 searches for data matching "insufficient" data among the data included in the security level attribute among the data included in the attribute related to the inspection target, and returns the retrieved data. Create a sub-template based on

The sub-template may be configured using data included in an attribute related to an inspection target and a preset attribute linked to an attribute related to an inspection target.

In the illustrated embodiment, the main template was written based on the category item attribute (attribute related to the inspection target), and among the data included in the security level attribute, “insufficient” data is matched with the file system data of the category item attribute. Accordingly, the sub-template generating module 212 creates a sub-template based on the file system data.

That is, the attribute preset to be included in the sub-template includes data matching the file system data.

In the illustrated embodiment, the sub-template includes check items, importance, number of vulnerabilities per item, and security status attributes, and each attribute includes data matching file system data.

The sub-template may be set to include an attribute including detailed data on an inspection target whose security level is determined to be insufficient.

Through this, in the main template, the security level for the entire inspection target can be identified, and in the detailed template, detailed data on the inspection target determined to have an insufficient security level can be included.

The main template generating module 211 forms the main template at a preset position of the diagnosis result report.

Information on the location of the sub-template is preset and stored in the memory of the diagnostic result report writing device 20, and the sub-template generating module 212 is included in the preset attribute and selected by data diagnosed as having insufficient security level. The data is matched with the location information of the sub-template to form the sub-template.

In an embodiment, the location information may include a number of a page including a diagnosis result report and a location on the page. For example, the data included in the property of the division item may be arranged to match B8:B22 of Sheet 1, and the data included in the attribute of the check item may be arranged to match and match C8:C22 of the sheet 1.

Widget forming module (213)

Referring to FIG. 4 , the widget forming module 213 is configured to form a widget in a chart form based on a selection area set in a data table forming a main template and a sub-template.

Data matching the selection area among data included in the vulnerability diagnosis result data is specified, and the widget forming module 213 forms a widget in a preset chart form based on the specified data.

Information on the location of the widget is stored in the memory of the diagnostic result report writing device 20, and the widget forming module 213 matches the formed widget with the location information of the widget and arranges it.

The chart form of the widget may be provided in various forms, such as a data table type chart, a graph chart, and a bar chart.

Also, the chart form of the widget may be determined according to the number of properties included in the selection area and the degree of linkage between the properties.

Referring to FIG. 4 , a selection area is indicated by a red line, and a widget is formed by data specified by matching the selection area in the vulnerability diagnosis result data.

In the illustrated embodiment, as the data obtained by classifying the number of items classified as vulnerabilities by importance is specified, a widget is formed showing the number of vulnerabilities discovered by risk in the form of a bar chart.

In addition, in the illustrated embodiment, as the classification item data and the security compliance rate data matching the data are specified, a widget is formed showing the security compliance rate for each classification item in the form of a radial chart.

In addition, in the illustrated embodiment, as the data indicating the number of items diagnosed as vulnerable among the item data and the check items of the segment data is specified, a widget is formed showing the number of vulnerabilities for each item in the form of a bar chart. .

Referring to FIG. 5 , an example of a diagnosis result report formed by the main template generating module 211 , the sub-template generating module 212 and the widget forming module 213 is illustrated.

The widget forming module 213 may arrange a widget in the diagnosis result report in consideration of the security level. For example, when a plurality of widgets indicating the security level for each inspection target are formed, the widgets for the inspection target with the lowest security level may be arranged to be displayed on the upper side and the left side.

The report preparation unit 21 transmits the generated diagnosis result report to the user terminal 10 .

(2) Description of the report editor 22

The report editing unit 22 is configured to receive a correction request from the user terminal 10 and edit the diagnosis result report based on the received correction request.

In order to receive the correction request and edit the diagnosis result report, the report editing unit 22 includes an editing user interface (UI) providing module 221 and a report editing module 222 .

Edit UI (User Interface) providing module (221) and report editing module (222)

The editing UI providing module 221 provides the editing UI to the user terminal 10 , and the user may input information about a part to be modified in the editing UI through the user terminal 10 . The correction request input to the editing UI is received by the editing UI providing module 221 .

Referring to FIG. 6 , an example of an editing UI provided to the user terminal 10 is illustrated. A diagnosis result report created by the report writing unit 21 is displayed on the editing UI, and the user can select the main template, sub-template, and widget displayed on the editing UI by operating the user terminal 10, and request editing.

A user may select a main template and request to add a template, change the arrangement order of properties included in the template, change properties included in the template, and the like. In addition, the user may request a change in the location of the main template.

In the illustrated embodiment, a user may select a main template and request to add a template for an inspection target that is not included in the inspection target of the main template. For example, if the main template is created in the category of the current category (account management, network service, etc.), the user can request to add the main template including the category of the product (Linux, Window 10, etc.), and check You can request to add a main template that includes categories of groups (OS, DB, NW, etc.).

That is, in response to a user's request, a main template for inspection targets not included in the user's asset management authority may be added.

As the main template addition request is received, the report editing module 222 adds the requested main template.

Also, in the illustrated embodiment, the user may request to change the arrangement order of the attributes included in the main template. You can request that the "Number of Check Items" attribute that was placed next to the "Category" attribute be moved next to the "Security Level" attribute. A drag and drop method may be used as a request method. When the user selects any one property, the area of the corresponding property is displayed, and the user can move the displayed area to another location by dragging it. As the request for changing the location of the property is requested, the report editing module 222 changes the location of the requested property.

Also, in the illustrated embodiment, the user may request a change of an attribute included in the main template. The user may request to change the attribute for the number of diagnostic items diagnosed as each security status (good, weak, interview required, N/A) to the attribute for the number of check items diagnosed as vulnerable. In an embodiment, mutually changeable attributes are preset, and as a user selects a specific attribute, a changeable attribute matching the selected attribute may be displayed. As the attribute change is requested, the report editing module 222 changes the requested attribute.

Also, in an embodiment not shown, a user may request to add a sub-template. For example, only a sub-template for “file system” is currently displayed, but a sub-template for “security patch” may be added by a user's request. When the sub-template is requested to be added, the report editing module 222 adds the sub-template.

Also, in an embodiment not shown, the user may request a change in the location of the sub-template. As the sub-template location change is requested, the report editing module 222 changes the location of the sub-template.

In the illustrated embodiment, when the user selects a sub-template, all attributes that can be included in the sub-template and the current display state (on/off) are displayed, and the attribute that the user is currently in the display (on) state is not displayed (off). ) state or request to change the currently undisplayed (off) state to the displayed (on) state. As the request for changing the attribute display is received, the report editing module 222 excludes or adds the requested attribute from the sub-template.

Referring to FIG. 7 , a user may select a specific widget and request modification of the selected widget.

In the illustrated embodiment, when the user selects a specific widget, a form of a widget that can be replaced with the selected widget may be displayed. Currently, the number of vulnerabilities widget by category is displayed in the form of a bar chart, but it can be changed to a pie chart, table chart, graph chart, etc. according to the user's selection. As the request for changing the widget form is received, the report editing module 222 changes the widget to the requested form.

In the illustrated embodiment, the user may select a specific widget and request to change the location of the selected widget to another location. As the widget location change is requested, the report editing module 222 changes the widget location.

In the illustrated embodiment, when the user selects a specific widget, a selection area corresponding to the corresponding widget is displayed, and the widget may be modified as the user modifies the selection area. When the user selects a widget showing the security compliance rate for each classification item, a selection area corresponding to the widget is displayed. When the user changes the selected area to data on the number of classifications by security status (good, weak, interview required, N/A) of the file system and diagnostic items, the widget indicating the security compliance rate for each classification item is displayed in the changed selected area and It can be changed to the corresponding widget (security status of the file system). As the request for changing the selection area is received, the report editing module 222 changes the widget to a widget corresponding to the changed selection area.

When editing is completed, the report editing module 222 transmits the edited diagnosis result report to the user terminal 10 .

2. Description of a method for preparing a diagnosis result report according to an embodiment of the present invention

Hereinafter, a method for preparing a diagnosis result report according to an embodiment of the present invention will be described with reference to FIG. 8 .

When the diagnosis result report creation device 20 receives the asset management right information from the user terminal 10, the main template generation module 211 generates a main template based on the asset management right information (S10).

Specifically, the main template generating module 211 searches for a plurality of inspection targets matching the asset management authority information in the vulnerability diagnosis result data, and generates a main template including security levels for the plurality of inspection targets.

Attributes included in the main template are preset, and the main template creation module 211 extracts data matching a plurality of inspection targets found among data of preset attributes, matches the extracted data with preset location information, and Create a data table for the template.

Since the detailed generation process of the main template is included in the description of the diagnostic result report creation device 20, it is replaced with this.

When the main template is generated, the sub-template generating module 212 generates a sub-template including detailed information about the inspection target whose security level is lower than or equal to the preset level among the plurality of search targets (S20).

Specifically, the sub-template generating module 212 searches for an inspection target that matches data whose security level is less than or equal to a preset level among inspection targets included in the main template. In an embodiment, the preset level may be data having a security level of “weak”.

Attributes included in the sub-template are preset, and the sub-template generating module 211 matches data matching the inspection target searched for by the sub-template generating module 212 among the data of the preset attribute with preset location information to serve Create a template data table.

Since the detailed generation process of the sub-template is included in the description of the diagnostic result report creation device 20, it is replaced with this.

When the sub-template is created, the widget forming module 213 forms a widget in the form of a chart based on a preset selection area for the data table included in at least one of the main template and the sub-template (S30).

Since the detailed creation process of the widget is included in the description of the diagnostic result report creation device 20, it is replaced with this.

When the widget is generated, the report creation unit 21 transmits the diagnosis result report including the main template, sub-template, and widget to the user terminal 10 (S40).

Also, the editing UI providing module 221 provides an editing UI for editing the diagnosis result report to the user terminal 10 together with the diagnosis result report.

Since the detailed process of transmitting the diagnosis result report and providing the editing UI is included in the description of the diagnosis result report writing apparatus 20, it is replaced therewith.

When the diagnosis result report and editing UI are provided, the report editing module 222 receives a correction request inputted in the editing UI from the user terminal 10, and edits the diagnosis result report based on the received correction request (S50) .

The modification request input to the editing UI may include a change request for the arrangement order of at least one of an attribute preset to be included in the main template and an attribute preset to be included in the sub-template.

As the change request for the batch order is received, the report editing module 222 edits the diagnosis result report based on the received correction request.

In addition, when a widget is selected by the user terminal 10 on the editing UI, a selection area corresponding to the selected widget is displayed on at least one of the main template and the sub-template, and the correction request input to the editing UI is the displayed selection area Includes a request to modify the widget according to the modification of

When a request for modification of the widget according to the modification of the selected area is received, the report editing module 222 edits the diagnosis result report based on the received modification request.

In addition, the inspection target includes a plurality of different inspection groups, each of the plurality of inspection groups includes a plurality of different products, and the correction request input to the editing UI includes an inspection group that does not match the asset management authority information and Includes a request for additional modification of the main template for at least one of the products.

As the main template addition modification request is received, the report editing module 222 edits the diagnosis result report based on the received modification request.

In addition, when a widget is selected by the user terminal 10 on the editing UI, at least one replacement widget having a shape different from the selected widget is displayed, and the modification request includes a change request to any one of the at least one replacement widget do.

In addition, a correction request included in the description of the diagnostic result report writing device 20 may be included, and as the correction request is received, the report editing module 222 edits the diagnosis result report based on the received correction request. .

The diagnostic result report writing method according to the embodiment of the present invention described above differs from the diagnostic result report writing device 20 described with reference to FIGS. 1 to 7 only in the category of the invention, and since the content is the same, overlapping descriptions and examples are omitted. let it do

The method according to an embodiment of the present invention described above may be implemented as a program (or application) to be executed in combination with a server, which is hardware, and stored in a medium.

The above-described program is C, C++, JAVA, machine language, etc. that a processor (CPU) of the computer can read through a device interface of the computer in order for the computer to read the program and execute the methods implemented as a program It may include code (Code) coded in the computer language of Such code may include functional code related to a function defining functions necessary for executing the methods, etc., and includes an execution procedure related control code necessary for the processor of the computer to execute the functions according to a predetermined procedure. can do. In addition, the code may further include additional information necessary for the processor of the computer to execute the functions or code related to memory reference for which location (address address) in the internal or external memory of the computer to be referenced. have. In addition, when the processor of the computer needs to communicate with any other computer or server located remotely in order to execute the above functions, the code uses the communication module of the computer to determine how to communicate with any other computer or server remotely. It may further include a communication-related code for whether to communicate and what information or media to transmit and receive during communication.

The storage medium is not a medium that stores data for a short moment, such as a register, a cache, a memory, etc., but a medium that stores data semi-permanently and can be read by a device. Specifically, examples of the storage medium include, but are not limited to, ROM, RAM, CD-ROM, magnetic tape, floppy disk, and optical data storage device. That is, the program may be stored in various recording media on various servers accessible by the computer or in various recording media on the computer of the user. In addition, the medium may be distributed in a computer system connected by a network, and a computer readable code may be stored in a distributed manner.

The steps of a method or algorithm described in relation to an embodiment of the present invention may be implemented directly in hardware, as a software module executed by hardware, or by a combination thereof. A software module may contain random access memory (RAM), read only memory (ROM), erasable programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), flash memory, hard disk, removable disk, CD-ROM, or It may reside in any type of computer-readable recording medium well known in the art to which the present invention pertains.

As mentioned above, although embodiments of the present invention have been described with reference to the accompanying drawings, those skilled in the art to which the present invention pertains can realize that the present invention can be embodied in other specific forms without changing its technical spirit or essential features. you will be able to understand Therefore, it should be understood that the embodiments described above are illustrative in all respects and not restrictive.

10: user terminal
21: Report writing department
211: main template creation module
212: sub-template creation module
213: widget forming module
22: Report editorial department
211: Edit UI providing module
222: report editing module

Claims (10)

It is performed by the vulnerability diagnosis result report writing device, and receives a report writing request including the user's asset management right information from the user terminal, and generates a user-customized report on the security level of the inspection target that matches the asset management right information As a way to
A plurality of inspection targets matching the asset management authority information are searched for in vulnerability diagnosis result data including an inspection target and attribute-specific data matching the inspection target, and the plurality of inspection targets and the searched plurality of inspection targets are matched generating a main template in the form of a data table that includes data for each attribute to be used and includes a security level in the data for each attribute;
generating a sub-template in the form of a data table including an inspection target having a security level lower than or equal to a preset level among a plurality of inspection targets found and data for each detailed attribute matching the inspection target having a security level lower than or equal to a preset level;
forming a widget in a chart form based on data included in a preset selection area for at least one data table of the main template and the sub-template; and
providing a diagnosis result report including the main template, the sub-template, and the widget to the user terminal; and
Comprising the step of editing the diagnosis result report based on the correction request received from the user terminal,
The step of creating the main template,
Extracting data that matches a plurality of search targets from among the data included in the properties set to be included in the main template, and matching the extracted data with preset location information to create a data table of the main template,
The step of generating the sub-template comprises:
Among the data included in the properties set to be included in the sub-template, data matching the inspection target whose security level is less than or equal to the preset level is extracted, and the data table of the sub-template is created by matching the extracted data and preset location information. will,
The data for each attribute is data generated based on the data for each detailed attribute,
The step of forming the widget in the form of a chart,
specifying data matching the selection area among data included in the vulnerability diagnosis result data; and
Forming a widget in the form of a preset chart matching the specified data,
The chart form of the formed widget is determined based on the number of properties matching the data included in the preset selection area and the relationship between the plurality of matching properties,
The step of providing a diagnosis result report including the main template, the sub-template and the widget to the user terminal,
It is to provide a user interface (User Interface) that can input a correction request for the diagnosis result report together with the diagnosis result report,
When a widget is selected by the user terminal on the user interface, a selection area corresponding to the selected widget is displayed on at least one of the main template and sub-template, and at least one replacement widget having a shape different from that of the selected widget is displayed. becomes,
The amendment request is
a request to change an existing widget into a widget corresponding to the modified selection area as the selection area displayed by the user terminal is modified;
a change request to any one of the at least one replacement widget; and
Including; addition of a main template including data on the inspection target that does not match the asset management authority;
The step of editing the diagnosis result report based on the correction request received from the user terminal comprises:
Editing the diagnosis result report according to the received request for correction of the widget,
How to provide a vulnerability diagnosis result report. delete delete delete According to claim 1,
The amendment request is
including a change request for the arrangement order of at least one of an attribute preset to be included in the main template and an attribute preset to be included in a sub-template,
The step of editing the diagnosis result report based on the correction request received from the user terminal comprises:
Editing the diagnosis result report according to the received change request for the batch order,
How to provide a vulnerability diagnosis result report.
delete According to claim 1,
The inspection target includes a plurality of different inspection groups,
Each of the plurality of check groups includes a plurality of different products,
The modification request includes a main template addition request for at least one of a check group and a product that do not match the asset management authority information,
The step of editing the diagnosis result report based on the correction request received from the user terminal comprises:
Editing the diagnosis result report according to the received additional request,
How to provide a vulnerability diagnosis result report.
delete According to claim 1,
The widget includes a security widget showing the security level,
The step of forming a widget in the form of a chart based on a preset selection area for a data table included in at least one of the main template and the sub-template includes:
The lower the security level of the security widget, the higher the priority.
How to provide a vulnerability diagnosis result report. Stored in a computer-readable recording medium in combination with a computer that is hardware, to execute the method of any one of claims 1, 5, 7 and 9,
program.

Images