Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Vulnerability management system based on multi-engine vulnerability scanning association analysis

A technology of vulnerability scanning and correlation analysis, applied in the field of vulnerability scanning, which can solve problems such as security configuration errors, non-compliance with identification and security specifications, and personnel operation errors.

Active Publication Date: 2018-11-02
北京凌云信安科技有限公司
View PDF7 Cites 63 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] (2) The impact of the vulnerability
Different types of software and hardware devices, different versions of the same device, different systems composed of different devices, and the same system under different setting conditions will have different security vulnerabilities.
[0007] (3) Harm of loopholes
[0010] Moreover, whether the information system configuration operation is safe is also an important aspect of security risks. Security configuration errors are generally caused by personnel operating errors
Although there are configuration checklists, industry norms, and programmatic requirements for graded protection that provide operation and maintenance personnel with a basis for checking security configurations, how to quickly and effectively check the various types and quantities of devices and software in the network Security configuration, identifying items that do not comply with security specifications, so as to meet the requirements of rectification and compliance, this is also a difficult problem for operation and maintenance personnel

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability management system based on multi-engine vulnerability scanning association analysis
  • Vulnerability management system based on multi-engine vulnerability scanning association analysis
  • Vulnerability management system based on multi-engine vulnerability scanning association analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary and are intended to explain the present invention and should not be construed as limiting the present invention.

[0047] The invention proposes a vulnerability management method based on multi-engine vulnerability scanning correlation analysis, which is designed and written in strict accordance with national standards for computer information system security and relevant industry standards.

[0048] Such as figure 1 and figure 2 As shown, the vulnerability management system based on multi-engine vulnerability scanning correlation analysis in the embodiment of the present invention includes: an asset detection management module 100, a syste...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a vulnerability management system based on multi-engine vulnerability scanning association analysis. The vulnerability management system comprises: an asset detection managementmodule used for detecting asset information in a scanning network; a system vulnerability scanning module used for performing vulnerability scanning and analysis on a network device, an operating system, application service and a database according to the asset information, and supporting intelligent service identification; a Web vulnerability scanning module used for automatically parsing data according to the asset information, scanning the data, verifying a discovered WEB vulnerability, and recording a test data packet discovered by vulnerability scanning; a database security scanning module; a security baseline verification module; an industrial control vulnerability scanning module; an APP vulnerability scanning module; a WIFI security detection module; a report association analysismodule; and a whole-network distributed management module. The vulnerability management system provided by the invention can perform association analysis on a detection result and a compliance libraryof information security level protection to generate a level protection evaluation report that meets the specification requirements, and the security requirements of different customers are comprehensively met.

Description

technical field [0001] The invention relates to the technical field of vulnerability scanning, in particular to a vulnerability management system based on correlation analysis of multi-engine vulnerability scanning. Background technique [0002] (1) The emergence of loopholes [0003] Vulnerabilities are primarily the result of errors in design and implementation that compromise information integrity, availability, and confidentiality. Vulnerabilities are often in software, but also at various information system layers, from protocol specifications to design to physical hardware. Vulnerabilities can also be intentional by malicious users or automated malicious code. A single breach in a critical system or network can seriously compromise an organization's security posture. [0004] The term "vulnerability" is defined as vulnerability or "exploitation of weaknesses in information security system design, procedures, implementation, or internal controls to gain unauthorized ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1433
Inventor 余精彩
Owner 北京凌云信安科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com