Patents
Literature
Hiro is an intelligent assistant for R&D personnel, combined with Patent DNA, to facilitate innovative research.
Hiro

92 results about "Vulnerability management" patented technology

Vulnerability management is the "cyclical practice of identifying, classifying, prioritizing, remediating, and mitigating" software vulnerabilities. Vulnerability management is integral to computer security and network security, and must not be confused with Vulnerability assessment.

Vulnerability management system based on multi-engine vulnerability scanning association analysis

ActiveCN108737425AMeet safety construction requirementsEfficient and accurate executionTransmissionVulnerability managementOperational system
The invention provides a vulnerability management system based on multi-engine vulnerability scanning association analysis. The vulnerability management system comprises: an asset detection managementmodule used for detecting asset information in a scanning network; a system vulnerability scanning module used for performing vulnerability scanning and analysis on a network device, an operating system, application service and a database according to the asset information, and supporting intelligent service identification; a Web vulnerability scanning module used for automatically parsing data according to the asset information, scanning the data, verifying a discovered WEB vulnerability, and recording a test data packet discovered by vulnerability scanning; a database security scanning module; a security baseline verification module; an industrial control vulnerability scanning module; an APP vulnerability scanning module; a WIFI security detection module; a report association analysismodule; and a whole-network distributed management module. The vulnerability management system provided by the invention can perform association analysis on a detection result and a compliance libraryof information security level protection to generate a level protection evaluation report that meets the specification requirements, and the security requirements of different customers are comprehensively met.
Owner:北京凌云信安科技有限公司

System and method for managing security of general network

The invention discloses a system and a method for managing security of a general network, and mainly overcomes the defects of poor openness and expansibility and weak functional completeness existing in the prior network security management system. The system mainly comprises peripheral equipment, a security agent terminal, a security management center and terminal management equipment, wherein the security management center applies security technology of network access control, intrusion detection, virus detection and vulnerability management to the security agent terminal through an interface component, a data base module and a user interface component; and under the unified management and control, all security technology is mutually complemented and matched to detect and control network behaviors, so that a distributed security protection system structure in which security strategies are under central management and the security detection is separately distributed is formed. The system and the method have the advantages of flexible configuration, easy expansion, good openness, support of the different level management, and suitability for the security management and protection of the computer network in governments, colleges and universities, and large- and medium-sized enterprises.
Owner:XIDIAN UNIV

Method and system for providing wireless vulnerability management for local area computer networks

A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks. The method includes providing a security server being hosted by a service provider entity to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively. The method includes creating a workspace for wireless vulnerability management for a customer entity on the security server and receiving configuration information associated with the workspace. The method also includes supplying one or more sniffers to the customer entity. The method includes receiving at the security server information associated with wireless activity monitored by the one or more sniffers at premises of the customer entity and processing the received information within the workspace for the customer entity using the security server. The method includes metering usage of the workspace for wireless vulnerability management for the customer entity.
Owner:AIRTIGHT NETWORKS

Expert system for detecting software security threats

An instance of a vulnerability risk management (VRM) module and a vulnerability management expert decision system (VMEDS) module are instantiated in a cloud. The VMEDS module imports scan results from a VRM vulnerability database and saves them as vulnerabilities to be reviewed in a VMEDS database. The VMEDS module converts vulnerabilities into facts. The VMEDS module builds a rule set in the knowledge base to verify whether certain vulnerabilities are false positives. Rules related to a vulnerability are received in plain English from a web-based front-end application. The VMEDS module tests each rule against all of the facts using the Rete algorithm. The VMEDS module executes the action associated with the rule derived from the Rete algorithm. The VMEDS module stores the results associated with the executing of the action in the VMEDS database and forwards the results to the VRM module.
Owner:NOPSEC

Distributed asset identification and change awareness method and system for implementing vulnerability management

InactiveCN108769064AIncreased cyber riskImproving the Accuracy of Vulnerability AssessmentsTransmissionVulnerability managementInformation Harvesting
A distributed asset identification and change awareness system for implementing vulnerability management includes a plurality of network asset information collection subsystems distributed in different regions and a distributed task scheduling and data processing subsystem, wherein tasks are decomposed based on a distributed architecture and allocated to appropriate resources through the task scheduling, task distribution and processing are realized for a plurality of nodes, and asset information detection and sensing are distributedly performed; the network asset information collection subsystems collect asset information of the networked active host; the data processing part of the distributed task scheduling and data processing subsystem obtains the asset information of the networked active host from the network asset information collection subsystems, and compares the asset information with the confirmed asset attribute information stored in the asset library to realize the automatic update of the asset information for the networked surviving host in the asset library. Vulnerability information is collected though vulnerability scanning, which may quickly treat and fix securityvulnerabilities in networked information systems.
Owner:GUANGDONG POWER GRID CO LTD INFORMATION CENT

Security vulnerability management method and system and device

The invention discloses a security vulnerability management method and system and a device, and belongs to the technical field of computers. The method includes the steps of receiving security vulnerability information uploaded by a user, sending the security vulnerability information to a management platform so that the management platform can find a repairer corresponding to the security vulnerability information according to the security vulnerability information, and sending prompting information to the repairer, wherein the prompting information is used for prompting the repairer to repair the security vulnerability information. By sending the safety vulnerability information uploaded by the user to the management platform so as to find the repairer corresponding to the security vulnerability information through the management platform and prompting the repairer to repair the security vulnerability information, the problems that work is complex and efficiency is low when multiple pieces of information containing security vulnerability are manually sent to corresponding developers respectively by interface personnel in the prior art are solved, and the effects that the reported security vulnerability information can be managed in a unified mode and the work efficiency can be improved are achieved.
Owner:SHENZHEN TENCENT COMP SYST CO LTD

Method and devices of submitting vulnerability information

In the embodiment of the invention, a method of submitting vulnerability information is provided. The method includes: acquiring information of a test step and a test environment, where vulnerability of a first application program is located when the vulnerability occurs, by a second application program when the vulnerability is detected in a process of testing the first application program; and sending the test step information and the test environment information to a vulnerability management server by the second application program. In the solution, when the vulnerability is detected in the process of testing the first application program, the second application program acquires the information of the test step and the test environment where the vulnerability is located when the vulnerability occurs, and sends the same to the vulnerability management server, completely manual participation in the process by a tester is not needed, thus time consumed for submitting the vulnerability information can be reduced, and the efficiency can be improved; and at the same time, because operation is not completely manually carried out by the tester, the defect that submitted information is lower in accuracy and imperfect due to manual mistakes can also be avoided.
Owner:网易有道信息技术(北京)有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products