CN107480532A - Regression testing method based on vulnerability scanning - Google Patents
Regression testing method based on vulnerability scanning Download PDFInfo
- Publication number
- CN107480532A CN107480532A CN201710651876.6A CN201710651876A CN107480532A CN 107480532 A CN107480532 A CN 107480532A CN 201710651876 A CN201710651876 A CN 201710651876A CN 107480532 A CN107480532 A CN 107480532A
- Authority
- CN
- China
- Prior art keywords
- leak
- regression
- regression test
- test database
- data message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention discloses a kind of regression testing method based on vulnerability scanning, including:Platform leak is scanned comprehensively;Data message deposit regression test database corresponding to the leak of appearance will be scanned;After user changes platform leak, regression test database is called, platform is scanned;And the data message of last regression test database is emptied, and data message corresponding to the leak of this test reproduction is write into regression test database;After each regression test end of scan, judge whether data message corresponding to the leak of regression test database storage meets standard, terminate to scan if standard is met;The present invention can effectively improve scan efficiency, save the time.
Description
Technical field
The present invention relates to technical field of network security, and in particular to a kind of regression testing method based on vulnerability scanning.
Background technology
With the development of information age, national development enters Internet era, and country encourages masses to start an undertaking, therefore in
Small company's platform emerges in an endless stream, but because technology is not as big companies' maturation, it is limited plus starting fund, it is impossible to which that purchase is big
The service of type enterprise, so answering the demand product to generate this technical tactic, belong to industry class innovation and application first.
Existing secure scanner or service, are not provided with regression testing policy, and methods and strategies cost of implementation is low
It is honest and clean, very high trade benefit and technical benefits can be produced.Prior art does not return the methods and strategies of scanning, so to returning
The platform of test, all it is to carry out full leak script scans, excessive load can be so caused to server, to the platform of client just
Often operation, which will also result in, significantly affects, and efficiency is low.This methods and strategies can be reduced 80% and swept in regression test
Time overhead is retouched, increases the project that can be scanned, reduces a variety of benefits such as server stress.
The content of the invention
Instant invention overcomes the deficiencies in the prior art, there is provided a kind of regression testing method based on vulnerability scanning, it is intended to carry
Height scanning user changes the regression test efficiency after leak, reduces consumption of the service product to hardware resource, and reduce to
The counter productive that family detection of platform is brought.
In view of the above mentioned problem of prior art, according to one side disclosed by the invention, the present invention uses following technology
Scheme:
A kind of regression testing method based on vulnerability scanning, including:
Step 1: platform leak is scanned comprehensively;
Step 2: will scan data message corresponding to the leak of appearance is stored in regression test database;
Step 3: after user changes platform leak, regression test database is called, platform is scanned;It is and clear
The data message of empty last regression test database, and data message write-in corresponding to the leak of this test reproduction is returned
Test database;
Step 4: after each regression test end of scan, number corresponding to the leak of regression test database storage is judged
It is believed that whether breath meets standard, terminate to scan if standard is met, conversely, then repeat step three.
In order to which the present invention is better achieved, further technical scheme is:
According to one embodiment of the invention, in the case where regression test database is sky, regression test number is destroyed
According to storehouse.
According to another embodiment of the invention, data message corresponding to the leak is the script name of leak.
According to another embodiment of the invention, database storage leak corresponding data information is replaced using json strings
Mode.
The present invention can also be:
According to another embodiment of the invention, data corresponding to the leak for judging the storage of regression test database
The whether standard compliant mode of information is whether the data message of the regression test database is empty.
Compared with prior art, one of beneficial effects of the present invention are:
A kind of regression testing method based on vulnerability scanning of the present invention, when solving regression test, traditional is complete
Time and the wasting of resources caused by vulnerability scanning script is run, and the service impact to caused by user platform;The present invention can be with
It is effective to improve scan efficiency, the time is saved, and specific aim is stronger.
Brief description of the drawings
, below will be to embodiment for clearer explanation present specification embodiment or technical scheme of the prior art
Or the required accompanying drawing used is briefly described in the description of prior art, it should be apparent that, drawings in the following description are only
It is the reference to some embodiments in present specification, for those skilled in the art, is not paying creative work
In the case of, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is the regression test schematic flow sheet based on vulnerability scanning according to one embodiment of the invention.
Embodiment
The present invention is described in further detail with reference to embodiment, but the implementation of the present invention is not limited to this.
As shown in figure 1, Fig. 1 shows the regression test flow according to an embodiment of the invention based on vulnerability scanning,
Including:
Step 1, vulnerability scanning mode traditionally carry out first scan;
After step 2, scanning start a leak, the leak that will appear from corresponds to script name deposit regression test database;
Step 3, when user has changed platform leak, regression test service is called in application, and engine directly invokes regression test
Database, platform is scanned;
Step 4, regression test database empty, regression test reproduction leak write-in regression test database;
Step 5, the regression test end of scan, judge whether regression test database is empty, if regression test database
It is not sky, is repeated from the 3rd step, if regression test database is sky, into step 6;
Step 6, destroy the project regression test database.
(second test) is tested present invention is mainly used for the multiple regression to system, the plan is added in Vulnerability-scanning technology
Slightly, it is intended to scan efficiency when improving regression test and the saving to products-hardware resource, wherein having used database to deposit
The temporarily below standard ephemeral data of client is put, and database is deleted after up to standard, reclaims hardware resource, while it is hidden to reach protection user
The effect of private data.
Wherein, temporary hole information is deposited with database for more than, and is deleted after qualified, it is possible to use similar side
Case, such as gone here and there and replaced with json.Number for regression test can be multiple, and the mark of end can be just calculation flow knot up to standard
Beam.
To sum up, the present invention is applied to vulnerability scanning engine direction, is a kind of methods and strategies, so as to provide a kind of spirit to client
Cheap purchase service plan living, reduces resource overhead in itself to server.Caused by when solving vulnerability scanning regression test
Ample resources wastes, and improves scan efficiency, reduces server resource temporary rate;Effect:Existing script bank 5w+, a platform
Leak most 500, regression test (i.e. second test) at least improve efficiency 99%.
" one embodiment " for being spoken of in this manual, " another embodiment ", " embodiment ", etc., refer to tying
Specific features, structure or the feature for closing embodiment description are included at least one embodiment of the application generality description
In.It is not necessarily to refer to same embodiment that statement of the same race, which occur, in multiple places in the description.Appoint furthermore, it is understood that combining
When one embodiment describes a specific features, structure or feature, what is advocated is this to realize with reference to other embodiment
Feature, structure or feature are also fallen within the scope of the present invention.
Although reference be made herein to invention has been described for multiple explanatory embodiments of the invention, however, it is to be understood that
Those skilled in the art can be designed that a lot of other modifications and embodiment, and these modifications and embodiment will fall in this Shen
Please be within disclosed spirit and spirit.More specifically, can be to master in the range of disclosure and claim
The building block and/or layout for inscribing composite configuration carry out a variety of variations and modifications.Except what is carried out to building block and/or layout
Outside variations and modifications, to those skilled in the art, other purposes also will be apparent.
Claims (5)
- A kind of 1. regression testing method based on vulnerability scanning, it is characterised in that including:Step 1: platform leak is scanned comprehensively;Step 2: will scan data message corresponding to the leak of appearance is stored in regression test database;Step 3: after user changes platform leak, regression test database is called, platform is scanned;And empty The data message of regression test database, and data message corresponding to the leak of this test reproduction is write into regression test Database;Step 4: after each regression test end of scan, data letter corresponding to the leak of regression test database storage is judged Whether breath meets standard, terminates to scan if standard is met, conversely, then repeat step three.
- 2. the regression testing method according to claim 1 based on vulnerability scanning, it is characterised in that corresponding to the leak Data message is the script name of leak.
- 3. the regression testing method according to claim 1 based on vulnerability scanning, it is characterised in that gone here and there and replaced using json Database deposits the mode of leak corresponding data information.
- 4. the regression testing method according to claim 1 based on vulnerability scanning, it is characterised in that described to judge to return survey Try the data that the whether standard compliant mode of data message corresponding to the leak of database storage is the regression test database Whether information is empty.
- 5. the regression testing method according to claim 4 based on vulnerability scanning, it is characterised in that in regression test data In the case that sky is in storehouse, regression test database is destroyed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710651876.6A CN107480532A (en) | 2017-08-02 | 2017-08-02 | Regression testing method based on vulnerability scanning |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710651876.6A CN107480532A (en) | 2017-08-02 | 2017-08-02 | Regression testing method based on vulnerability scanning |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107480532A true CN107480532A (en) | 2017-12-15 |
Family
ID=60598192
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710651876.6A Pending CN107480532A (en) | 2017-08-02 | 2017-08-02 | Regression testing method based on vulnerability scanning |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107480532A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108536600A (en) * | 2018-04-12 | 2018-09-14 | 平安普惠企业管理有限公司 | Regression testing method, unit and computer readable storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103955429A (en) * | 2014-05-16 | 2014-07-30 | 北京金山网络科技有限公司 | Method and device for determining regression testing range |
CN104750601A (en) * | 2013-12-25 | 2015-07-01 | ***通信集团吉林有限公司 | Test method and test device |
CN105117335A (en) * | 2015-08-26 | 2015-12-02 | 卡斯柯信号有限公司 | Method for automated verification and regression test of software unit |
CN106526367A (en) * | 2016-10-26 | 2017-03-22 | 深圳市赛格导航科技股份有限公司 | Electronic equipment testing method and device |
-
2017
- 2017-08-02 CN CN201710651876.6A patent/CN107480532A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104750601A (en) * | 2013-12-25 | 2015-07-01 | ***通信集团吉林有限公司 | Test method and test device |
CN103955429A (en) * | 2014-05-16 | 2014-07-30 | 北京金山网络科技有限公司 | Method and device for determining regression testing range |
CN105117335A (en) * | 2015-08-26 | 2015-12-02 | 卡斯柯信号有限公司 | Method for automated verification and regression test of software unit |
CN106526367A (en) * | 2016-10-26 | 2017-03-22 | 深圳市赛格导航科技股份有限公司 | Electronic equipment testing method and device |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108536600A (en) * | 2018-04-12 | 2018-09-14 | 平安普惠企业管理有限公司 | Regression testing method, unit and computer readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Lichtenthaler | Shared value innovation: Linking competitiveness and societal goals in the context of digital transformation | |
Castka et al. | Management systems standards: Diffusion, impact and governance of ISO 9000, ISO 14000, and other management standards | |
CN109635276B (en) | Information matching method and terminal | |
US10860295B1 (en) | Automated detection of ambiguities in software design diagrams | |
EP2643753B1 (en) | Method to measure software reuse and corresponding computer program product | |
CN101242279A (en) | Automatic penetration testing system and method for WEB system | |
CN103313289A (en) | Wap system automatic test system and method | |
CN105959331B (en) | The optimization method and device of firewall policy | |
Fransen et al. | Introduction to the special issue: Public and private labor standards policy in the global economy | |
van Zelst et al. | Detection and removal of infrequent behavior from event streams of business processes | |
CN110827002A (en) | Workflow-based approval method and workflow engine | |
CN110941674A (en) | Block chain-based compliance audit method, device, system and storage medium | |
CN111667141A (en) | Pending task case processing method, device, equipment and storage medium | |
CN107480532A (en) | Regression testing method based on vulnerability scanning | |
Song et al. | Timed modeling and verification of BPEL processes using time Petri nets | |
US8214236B2 (en) | Developing and sustaining capabilities of a business | |
CN112613887B (en) | Customer relationship management method and system based on big data | |
US8949787B2 (en) | Locating isolation points in an application under multi-tenant environment | |
TWI446282B (en) | System and method for tips in dynamic audit | |
Zou et al. | Live instance migration with data consistency in composite service evolution | |
CN110674380B (en) | Data query method, system, readable storage medium and intelligent device | |
Amuda-Yusuf et al. | Barriers to Electronic Tendering Adoption by Organisations in Nigerian Construction Industry | |
An | Service-Oriented Architecture (SOA) is not just another product or technology to be added to the IT environment. Rather, SOA requires significant and often fairly far-reaching changes to truly reap all the benefits of adopting SOA. To successfully adopt SOA, a company must create a plan that addresses the full extent of the changes required for SOA. | |
Wongthongchai et al. | The influence of green training on green supply chain management practices and Firm’s performance | |
Habarta | Socio-Economic Models of Latin American States |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171215 |