CN114238995A - Vulnerability management system and method - Google Patents

Vulnerability management system and method

Publication number
CN114238995A
Authority
CN
China
Prior art keywords
vulnerability
scanning
asset
data
itsm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111601788.8A
Other languages
Chinese (zh)
Inventor
刘爱辉
杨晓勤
丁海虹
刘云鹏
孙朋
张文童
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
Original Assignee
China Construction Bank Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp
Priority to CN202111601788.8A
Publication of CN114238995A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/48 Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806 Task transfer initiation or dispatching
    • G06F9/4843 Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • G06F9/4881 Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2209/00 Indexing scheme relating to G06F9/00
    • G06F2209/50 Indexing scheme relating to G06F9/50
    • G06F2209/5021 Priority

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a vulnerability management system and method. The vulnerability management system schedules a vulnerability scanning tool to scan the acquired asset data to be scanned and outputs a vulnerability scanning result; performs correlation analysis on asset related data according to the vulnerability scanning result, vulnerability intelligence data and penetration data; outputs a to-be-rectified asset list and evaluates the vulnerability repair priority; and, according to the vulnerability repair priority, schedules the ITSM to create a vulnerability rectification work order based on the vulnerability rectification flow on the ITSM, and executes that work order. In this scheme, for vulnerability rectification, the vulnerability management system schedules the ITSM to create the vulnerability rectification work order instead of relying on its own rectification work order flow, which helps widen the application range of the vulnerability rectification flow to meet rectification requirements and improves the timeliness of vulnerability rectification.

Description

Vulnerability management system and method
Technical Field
The invention relates to the technical field of vulnerability management, in particular to a vulnerability management system and method.
Background
At present, with the continuous and rapid development of network technology, the large number of vulnerabilities arising from massive data brings many hidden network security risks. For financial enterprises in particular, hackers driven by large financial gain can exploit network vulnerabilities to attack an enterprise and cause asset losses.
The prior art mainly manages vulnerabilities by building a vulnerability management system. An existing vulnerability management system mainly comprises an asset management module, a vulnerability scanning module, a vulnerability intelligence module, a vulnerability analysis module, a vulnerability handling module and the like. The asset management module acquires various asset data by scanning assets with an asset discovery tool and by docking with an enterprise-level asset platform, and integrates the asset data into an asset information base. The vulnerability scanning module performs vulnerability scanning on the asset data by scheduling a vulnerability scanning tool. The vulnerability intelligence module acquires vulnerability intelligence through vulnerability scanning tools, purchased vulnerability intelligence and other means to form a vulnerability intelligence base, and grades each vulnerability according to its exploitation difficulty and damage level. The vulnerability analysis module uses big data analysis to perform correlation analysis on vulnerability intelligence and asset information, outputs the asset information affected by a vulnerability, and evaluates the rectification priority of the affected assets according to factors such as vulnerability threat level, asset importance and Internet exposure level. The vulnerability handling module sends a work order to the person responsible for the vulnerability through the system's own vulnerability rectification work order flow according to the rectification priority, so as to carry out the rectification and track its progress.
However, the existing vulnerability management system relies mainly on its own vulnerability rectification work order flow, whose narrow application range cannot meet the rectification requirements of an increasingly severe and complex network environment and affects the timeliness of vulnerability rectification.
Disclosure of Invention
In view of this, embodiments of the present invention provide a vulnerability management system and method that help widen the application range of the vulnerability rectification flow to meet rectification requirements and improve the timeliness of vulnerability rectification.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
A first aspect of the invention discloses a vulnerability management system, comprising:
a scanning management module, configured to schedule a vulnerability scanning tool by using acquired first scanning related parameter information, perform vulnerability scanning with the vulnerability scanning tool on the asset data to be scanned in acquired asset related data, and output a vulnerability scanning result, wherein the first scanning related parameter information is acquired by an enterprise-level process management platform (ITSM) based on a vulnerability scanning request and is synchronized to the vulnerability management system, and the asset related data is acquired and integrated by an asset management module;
a vulnerability analysis module, configured to perform correlation analysis on the asset related data according to the vulnerability scanning result, vulnerability intelligence data and penetration data to obtain asset data affected by vulnerabilities, and to evaluate the vulnerability repair priority of the affected asset data to obtain and output a to-be-rectified asset list, wherein the vulnerability intelligence data is obtained by a vulnerability intelligence integration module, and the penetration data is obtained by a penetration testing module according to a pre-imported penetration test report template;
and a vulnerability handling module, configured to schedule the ITSM based on the obtained to-be-rectified asset list, create a vulnerability rectification work order based on the vulnerability rectification flow on the ITSM, and execute the work order.
Optionally, the scan management module is further configured to:
when second scanning related parameter information corresponding to a newly added asset is received, schedule the vulnerability scanning tool to perform vulnerability scanning on the newly added asset by using that information, and output a vulnerability scanning result, wherein the second scanning related parameter information is acquired by the ITSM based on a vulnerability scanning request for the newly added asset and is synchronized to the vulnerability management system.
Optionally, the vulnerability analysis module is specifically configured to:
automatically synchronize vulnerability intelligence data from the cloud at preset time intervals by using the vulnerability intelligence integration module, perform correlation analysis on the asset related data according to the vulnerability scanning result, the penetration data and the vulnerability intelligence data, and output the to-be-rectified asset list;
or,
acquire vulnerability intelligence data manually selected or manually entered in the vulnerability intelligence integration module, perform correlation analysis on the asset related data according to the vulnerability scanning result, the penetration data and the vulnerability intelligence data, and output the to-be-rectified asset list.
Optionally, the vulnerability analysis module is specifically configured to:
perform correlation analysis on the acquired asset related data based on the acquired vulnerability scanning result, vulnerability intelligence data and penetration data to obtain asset data affected by vulnerabilities; analyze the disposal factors of the affected asset data; evaluate the vulnerability repair priority of the affected asset data based on the acquired vulnerability threat level and the disposal factors; and collect the affected asset data whose vulnerability repair priority has been evaluated to obtain and output the to-be-rectified asset list, wherein the vulnerability threat level is obtained by the vulnerability intelligence integration module.
Optionally, the vulnerability handling module is further configured to:
based on the obtained to-be-rectified asset list, initiate a vulnerability rectification flow on the ITSM through a docking interface between the vulnerability management system and the ITSM, and track in real time the progress of the ITSM in executing the vulnerability rectification work order corresponding to that flow, wherein the vulnerability rectification work order is created by the ITSM based on the vulnerability repair priorities in the to-be-rectified asset list.
Optionally, in the system:
the vulnerability handling module is further configured to receive a vulnerability rectification verification request and send a vulnerability re-scanning request to the scanning management module, wherein the vulnerability rectification verification request is initiated by the vulnerability rectification flow based on the assets whose rectification is complete; the scanning management module is further configured to schedule the vulnerability scanning tool to re-scan the rectified assets based on the vulnerability re-scanning request, and send the resulting vulnerability re-scanning result to the vulnerability analysis module; the vulnerability analysis module is further configured to compare the received vulnerability re-scanning result with the vulnerability scanning result, wherein if the two are consistent the vulnerability rectification has failed, and if they are inconsistent the vulnerability rectification has succeeded.
A second aspect of the invention discloses a vulnerability management method, comprising:
scheduling a vulnerability scanning tool by using acquired first scanning related parameter information, wherein the first scanning related parameter information is acquired by an enterprise-level process management platform (ITSM) based on a vulnerability scanning request and is synchronized to the vulnerability management system;
performing vulnerability scanning with the vulnerability scanning tool on the asset data to be scanned in acquired asset related data and outputting a vulnerability scanning result, wherein the asset related data is acquired and integrated by an asset management module;
performing correlation analysis on the asset related data according to the vulnerability scanning result, vulnerability intelligence data and penetration data to obtain asset data affected by vulnerabilities, and evaluating the vulnerability repair priority of the affected asset data to obtain and output a to-be-rectified asset list, wherein the vulnerability intelligence data is obtained by a vulnerability intelligence integration module, and the penetration data is obtained by a penetration testing module according to a pre-imported penetration test report template;
and scheduling the ITSM based on the obtained to-be-rectified asset list, creating a vulnerability rectification work order based on the vulnerability rectification flow on the ITSM, and executing the work order.
Optionally, the method further includes:
scheduling the vulnerability scanning tool by using acquired second scanning related parameter information corresponding to newly added assets, performing vulnerability scanning with the tool on the newly added asset data in the acquired asset data to be scanned, and outputting a vulnerability scanning result, wherein the second scanning related parameter information is acquired by the ITSM based on a newly added asset vulnerability scanning request sent by the vulnerability management system and is synchronized to the vulnerability management system.
Optionally, the method further includes:
based on the obtained to-be-rectified asset list, initiating a vulnerability rectification flow on the ITSM through a docking interface between the vulnerability management system and the ITSM, and tracking in real time the progress of the ITSM in executing the vulnerability rectification work order corresponding to that flow, wherein the vulnerability rectification work order is created by the ITSM based on the vulnerability repair priority in the to-be-rectified asset list.
Optionally, the method further includes:
receiving a vulnerability rectification verification request initiated by the vulnerability rectification flow on the ITSM based on the assets whose rectification is complete;
scheduling the vulnerability scanning tool to re-scan the rectified assets based on the received vulnerability rectification verification request to obtain a vulnerability re-scanning result;
and comparing the obtained vulnerability re-scanning result with the vulnerability scanning result, wherein if the two are consistent the vulnerability rectification has failed, and if they are inconsistent the vulnerability rectification has succeeded.
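The re-scan comparison in the steps above, as an added Python example that is not part of the patent. It applies the consistent/inconsistent rule per finding and treats a re-scan that never reached the asset as inconclusive; both refinements, and all function names, asset names and VULN-xxxx identifiers, are assumptions of this example.

```python
"""Added example: verifying a rectification work order by re-scanning."""

# Constructed sample data; asset names and VULN-xxxx ids are placeholders.
ORIGINAL_SCAN = {
    "status": "completed",
    "scanned_assets": {"app-01", "db-01", "hr-02"},
    "findings": {
        ("app-01", "VULN-0001"), ("app-01", "VULN-0004"),
        ("db-01", "VULN-0002"), ("hr-02", "VULN-0003"),
    },
}
RESCAN = {
    "status": "completed",
    "scanned_assets": {"app-01", "db-01"},  # hr-02 was unreachable this time
    "findings": {("app-01", "VULN-0004"), ("app-01", "VULN-0009")},
}
WORK_ORDERS = [
    {"id": "WO-1", "asset": "app-01", "vuln_ids": ["VULN-0001", "VULN-0004"]},
    {"id": "WO-2", "asset": "db-01", "vuln_ids": ["VULN-0002"]},
    {"id": "WO-3", "asset": "hr-02", "vuln_ids": ["VULN-0003"]},
]


def findings_for(scan, asset):
    """Return the set of vulnerability ids a scan reported for one asset."""
    return {vuln for host, vuln in scan["findings"] if host == asset}


def _result(verdict, persisting=(), fixed=(), new=()):
    return {"verdict": verdict, "persisting": set(persisting),
            "fixed": set(fixed), "new": set(new)}


def verify_rectification(work_order, original_scan, rescan):
    """Compare the re-scan with the original scan for one work order.

    Assumption of this example: the comparison is made per finding, so a
    work order fails if any finding it covers is still reported.
    """
    asset = work_order["asset"]
    # An aborted re-scan, or one that never reached the asset, returns no
    # findings. That differs from the original result without proving a fix.
    if rescan["status"] != "completed" or asset not in rescan["scanned_assets"]:
        return _result("inconclusive")

    before = findings_for(original_scan, asset)
    after = findings_for(rescan, asset)
    in_scope = before & set(work_order["vuln_ids"])
    if not in_scope:
        # Nothing in the original result to compare against.
        return _result("inconclusive")

    persisting = in_scope & after  # consistent with original: not fixed
    return _result(
        "failed" if persisting else "succeeded",
        persisting=persisting,
        fixed=in_scope - after,     # gone from the re-scan result
        new=after - before,         # findings the change introduced or exposed
    )


def verify_all(work_orders, original_scan, rescan):
    """Map each work order id to its verification result."""
    return {wo["id"]: verify_rectification(wo, original_scan, rescan)
            for wo in work_orders}


if __name__ == "__main__":
    for wo_id, res in verify_all(WORK_ORDERS, ORIGINAL_SCAN, RESCAN).items():
        print(wo_id, res["verdict"], sorted(res["persisting"]), sorted(res["new"]))
```

Findings reported under `new` were absent from the original scan and would need their own work order rather than being counted against the one being verified.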
According to the above technical solution, the vulnerability scanning tool is scheduled by using the acquired scanning related parameter information to scan the asset data to be scanned in the acquired asset related data, and a vulnerability scanning result is output; correlation analysis is performed on the asset related data according to the vulnerability scanning result, vulnerability intelligence data and penetration data, a to-be-rectified asset list is output and its vulnerability repair priority is evaluated; and the enterprise-level process management platform (ITSM) is scheduled based on the vulnerability repair priority to create a vulnerability rectification work order based on the vulnerability rectification flow on the ITSM, and the work order is executed. On this basis, for vulnerability rectification, the vulnerability management system schedules the ITSM to create the vulnerability rectification work order instead of relying on its own rectification work order flow, which helps widen the application range of the vulnerability rectification flow to meet rectification requirements and improves the timeliness of vulnerability rectification.
Drawings
To illustrate the embodiments of the present invention or the technical solutions of the prior art more clearly, the drawings used in describing the embodiments or the prior art are briefly introduced below. The drawings described below are merely embodiments of the present invention; those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic diagram of a vulnerability management system according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of a scanning management module according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a vulnerability analysis module according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a vulnerability handling module according to an embodiment of the present invention;
Fig. 5 is a schematic block flow diagram of a procedure for performing vulnerability re-scanning according to an embodiment of the present invention;
Fig. 6 is a schematic flowchart of a vulnerability management method according to an embodiment of the present invention;
Fig. 7 is a schematic flowchart of a scanning method for newly added assets according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In this application, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
As the background shows, prior-art vulnerability management systems rely mainly on their own vulnerability rectification work order flow for vulnerability rectification; the narrow application range of that flow cannot meet the rectification requirements of an increasingly severe and complex network environment and also affects the timeliness of vulnerability rectification.
To solve the above problem, the embodiments of the present invention disclose a vulnerability management system and method in which, for vulnerability rectification, the vulnerability management system schedules the ITSM to create the vulnerability rectification work order instead of relying on its own rectification work order flow, which helps widen the application range of the vulnerability rectification flow to meet rectification requirements and improves the timeliness of vulnerability rectification.
Referring to fig. 1, a schematic architecture diagram of a vulnerability management system 100 disclosed in an embodiment of the present invention is shown. The vulnerability management system includes a vulnerability management platform 101 and a data integration pool 108.
It should be noted that the vulnerability management platform 101 mainly includes an asset management module 102, a vulnerability intelligence integration module 103, a penetration testing module 104, a scanning management module 105, a vulnerability analysis module 106 and a vulnerability handling module 107.
The data integration pool 108 includes an IT asset repository 109, a vulnerability repository 110, and a vulnerability intelligence repository 111.
The data integration pool 108 is used for storing asset data, vulnerability intelligence data, vulnerability scanning results, penetration data and other various asset data accessed by the vulnerability management system 100.
The asset management module 102 integrates the asset data accessed by the vulnerability management system 100 and stored in the IT asset repository 109 to obtain asset related data. It sends the asset data to be scanned within the asset related data to the scanning management module 105, sends the asset related data to the vulnerability analysis module 106, and stores the asset related data in the IT asset repository 109.
It should be noted that the asset-related data includes data related to the assets accessed by the vulnerability management system 100, such as asset data to be scanned, asset data, internet exposed surface data of the assets, and asset configuration data.
The vulnerability intelligence integration module 103 acquires vulnerability intelligence data from the national information security vulnerability sharing platform (CNVD), the China national information security vulnerability library (CNNVD) and security vendors by using a vulnerability crawling tool built into the vulnerability management system 100; it also supports manual entry of vulnerability intelligence data and automatic synchronization of vulnerability intelligence data from an external cloud. It integrates the acquired vulnerability intelligence data to obtain vulnerability attribute information such as vulnerability type, vulnerability verification information and exploitation method, and evaluates the threat level of each vulnerability in the vulnerability intelligence data based on that attribute information. It sends the vulnerability intelligence data and the corresponding vulnerability threat levels to the vulnerability analysis module 106 and stores them in the vulnerability intelligence repository 111.
The penetration testing module 104 imports a penetration test report template filled in by penetration testers, analyzes and verifies the penetration test vulnerabilities in the imported template to obtain penetration data, sends the penetration data to the vulnerability analysis module 106 and stores it in the vulnerability repository 110.
Based on the inventory asset data in the acquired asset data to be scanned, the scanning management module 105 initiates a vulnerability scanning flow to the administrator of the system to which the assets to be scanned belong, through the ITSM platform 112 docked with the vulnerability management system 100. It synchronously acquires, through the ITSM platform 112, the first scanning related parameter information that the administrator fills in for the initiated vulnerability scanning flow, creates a vulnerability scanning task according to that information, and uses it to schedule a vulnerability scanning tool to scan the inventory asset data in the acquired asset data to be scanned. It then sends the resulting vulnerability scanning result to the vulnerability analysis module 106 and stores it in the vulnerability repository 110.
It should be noted that the first scanning related parameter information is obtained as follows: the scanning management module 105 initiates a vulnerability scanning flow through the ITSM platform 112 based on the inventory asset data in the acquired asset data to be scanned, and the information is synchronously acquired from that vulnerability scanning flow on the ITSM platform 112.
The vulnerability analysis module 106 performs multi-source vulnerability integration based on the acquired vulnerability scanning result, vulnerability intelligence data and penetration data, and performs correlation analysis on the acquired asset related data to obtain the asset data affected by vulnerabilities, which it stores in the vulnerability repository 110. Combining the asset related data, it analyzes the disposal factors corresponding to the assets in the affected asset data, evaluates the vulnerability repair priority of the affected asset data based on the acquired vulnerability threat level and the disposal factors to form a to-be-rectified asset list, and sends the list to the vulnerability handling module 107.
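One way to realize the multi-source correlation and repair-priority evaluation described for the vulnerability analysis module 106, as an added Python example that is not part of the patent. The disposal factors used (asset importance and Internet exposure), the scoring formula, the P1 to P3 thresholds and every asset name and VULN-xxxx identifier are assumptions constructed for illustration.

```python
"""Added example: multi-source correlation and repair-priority ranking."""

# Constructed asset related data: importance 1 (low) to 3 (high), Internet
# exposure, and installed software taken from asset configuration data.
ASSETS = {
    "app-01": {"importance": 3, "internet_exposed": True,  "software": {"webfront": "2.1"}},
    "db-01":  {"importance": 3, "internet_exposed": False, "software": {"sqlstore": "9.4"}},
    "dev-07": {"importance": 1, "internet_exposed": False, "software": {"webfront": "2.1"}},
    "hr-02":  {"importance": 2, "internet_exposed": False, "software": {"mailer": "1.0"}},
}
# Constructed vulnerability intelligence: threat level 1 (low) to 4 (critical)
# and the product versions each vulnerability affects (None if unknown).
INTEL = {
    "VULN-0001": {"threat_level": 4, "product": "webfront", "versions": {"2.0", "2.1"}},
    "VULN-0002": {"threat_level": 2, "product": "sqlstore", "versions": {"9.4"}},
    "VULN-0003": {"threat_level": 3, "product": None, "versions": set()},
}
# Constructed (asset, vulnerability) findings from the scanner and from an
# imported penetration test report. "gone-99" is not in the asset inventory.
SCAN_RESULTS = [("app-01", "VULN-0001"), ("db-01", "VULN-0002")]
PENTEST_DATA = [("app-01", "VULN-0001"), ("hr-02", "VULN-0003"), ("gone-99", "VULN-0003")]

DEFAULT_THREAT_LEVEL = 2  # assumption: used when intelligence has no entry


def correlate(assets, intel, scan_results, pentest_data):
    """Merge the three sources into {(asset, vuln): {sources}}.

    Findings that name an asset missing from the inventory are returned
    separately so that an inventory gap is visible instead of being dropped.
    """
    findings, unmatched = {}, []

    def add(asset, vuln, source):
        if asset in assets:
            findings.setdefault((asset, vuln), set()).add(source)
        else:
            unmatched.append((asset, vuln, source))

    for asset, vuln in scan_results:
        add(asset, vuln, "scan")
    for asset, vuln in pentest_data:
        add(asset, vuln, "pentest")
    # Intelligence is matched against installed software, which can flag
    # assets that no scan or penetration test has reported yet.
    for vuln, info in intel.items():
        if info["product"] is None:
            continue
        for name, asset in assets.items():
            if asset["software"].get(info["product"]) in info["versions"]:
                add(name, vuln, "intel")
    return findings, unmatched


def repair_priority(threat_level, asset):
    """Assumed formula: threat level x importance, doubled if exposed."""
    score = threat_level * asset["importance"] * (2 if asset["internet_exposed"] else 1)
    label = "P1" if score >= 16 else "P2" if score >= 6 else "P3"
    return score, label


def build_rectification_list(assets, intel, scan_results, pentest_data):
    """Return (to-be-rectified list sorted by priority, unmatched findings)."""
    findings, unmatched = correlate(assets, intel, scan_results, pentest_data)
    rows = []
    for (asset, vuln), sources in findings.items():
        threat = intel.get(vuln, {}).get("threat_level", DEFAULT_THREAT_LEVEL)
        score, label = repair_priority(threat, assets[asset])
        rows.append({"asset": asset, "vuln_id": vuln, "sources": sorted(sources),
                     "score": score, "priority": label})
    # Highest score first; on a tie, findings confirmed by more sources first.
    rows.sort(key=lambda r: (-r["score"], -len(r["sources"]), r["asset"], r["vuln_id"]))
    return rows, unmatched


if __name__ == "__main__":
    ranked, orphans = build_rectification_list(ASSETS, INTEL, SCAN_RESULTS, PENTEST_DATA)
    for row in ranked:
        print(row["priority"], row["score"], row["asset"], row["vuln_id"], row["sources"])
    print("not in inventory:", orphans)
```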
The vulnerability handling module 107 initiates a vulnerability handling task based on the vulnerability repair priority in the acquired to-be-rectified asset list, schedules the ITSM platform 112 docked with the vulnerability management system 100 to create a vulnerability rectification work order based on the vulnerability rectification flow on the ITSM platform 112, and synchronously acquires and executes the work order.
In this embodiment, for vulnerability rectification, the vulnerability management system 100 schedules the ITSM platform 112 to create the vulnerability rectification work order, which helps widen the application range of the vulnerability rectification flow to meet rectification requirements and improves the timeliness of vulnerability rectification.
The specific implementation is illustrated by the following examples.
Referring to fig. 2, a schematic structural diagram of a scan management module 201 disclosed in the embodiment of the present invention is shown.
The scanning management module 201 is further configured to, when second scanning related parameter information corresponding to the newly added asset is received, schedule a vulnerability scanning tool to perform vulnerability scanning on the newly added asset by using the obtained second scanning related parameter information, and output a vulnerability scanning result.
It should be noted that the second scanning related parameter information is obtained as follows: the scanning management module 201 initiates a flow through the ITSM platform 202 based on the newly added asset data in the acquired asset data to be scanned, and the information is synchronously acquired from the vulnerability scanning flow embedded in the agile delivery flow on the ITSM platform 202.
It can be understood that, based on the newly added asset data in the acquired asset data to be scanned, the scanning management module 201 initiates an agile delivery flow, in which a vulnerability scanning flow is embedded, to the administrator of the system to which the assets to be scanned belong, through the ITSM platform 202 docked with the vulnerability management system. Based on the vulnerability scanning sub-flow automatically created by the agile delivery flow, it synchronously acquires the second scanning related parameter information that the administrator fills in for the agile delivery flow on the ITSM platform 202, creates a vulnerability scanning task according to that information, uses it to schedule a vulnerability scanning tool to scan the newly added asset data in the acquired asset data to be scanned, and outputs a vulnerability scanning result.
It should be noted that either the scanning management module 201 creates a vulnerability scanning work order based on the newly added asset data in the acquired asset data to be scanned and, based on that work order, schedules the ITSM platform 202 through the docking interface between the vulnerability management system and the ITSM platform 202 to initiate an agile delivery flow to the administrator of the system to which the newly added asset data belongs; or the scanning management module 201 synchronizes the newly added asset data to the ITSM platform 202 through the docking interface, and the ITSM platform 202 creates a vulnerability scanning work order based on the newly added asset data and, based on that work order, initiates an agile delivery flow to the administrator of the system to which the newly added asset data belongs.
In this embodiment, the scanning management module 201 creates a vulnerability scanning work order based on the newly added asset data in the acquired asset data to be scanned, schedules the ITSM platform 202 to initiate an agile delivery flow based on that work order, and synchronously acquires the second scanning related parameter information from the agile delivery flow initiated on the ITSM platform 202, which effectively reduces the manual communication cost of vulnerability scanning.
Referring to fig. 3, a schematic structural diagram of a vulnerability analysis module 301 disclosed in the embodiment of the present invention is shown.
The vulnerability analysis module 301 is specifically configured to automatically synchronize vulnerability intelligence data from the cloud at preset time intervals by using the vulnerability intelligence integration module, perform correlation analysis on the asset related data according to the vulnerability scanning result, the penetration data and the vulnerability intelligence data, and output the to-be-rectified asset list;
alternatively,
to acquire vulnerability intelligence data manually selected or manually input in the vulnerability intelligence integration module, perform correlation analysis on the asset related data according to the vulnerability scanning result, the penetration data and the vulnerability intelligence data, and output the to-be-rectified asset list.
It can be understood that the vulnerability analysis module 301 performs multi-source vulnerability integration based on the obtained vulnerability scanning results, vulnerability intelligence data and penetration data, and performs association analysis on the obtained asset-related data, wherein the vulnerability analysis module 301 provides two association analysis modes, namely automatic and manual.
In the automatic association analysis mode, the vulnerability analysis module 301 performs association analysis on the obtained asset related data, according to a preset time period, based on vulnerability intelligence data automatically synchronized from the cloud, the vulnerability scanning result sent by the scanning management module and the penetration data sent by the penetration test module in the vulnerability management system, so as to obtain asset data affected by the vulnerability.
In the manual analysis mode, the vulnerability analysis module 301 performs association analysis on the obtained asset related data based on vulnerability intelligence data selected or manually input by an operator in the vulnerability intelligence integration module of the vulnerability management system, the vulnerability scanning result sent by the scanning management module and the penetration data sent by the penetration test module, so as to obtain asset data affected by the vulnerability.
Referring to fig. 4, a schematic structural diagram of a vulnerability analysis module 401 disclosed in the embodiment of the present invention is shown.
The vulnerability analysis module 401 is specifically configured to perform association analysis on the acquired asset related data based on the acquired vulnerability scanning result, vulnerability intelligence data and penetration data to obtain asset data affected by a vulnerability, analyze the disposal factors of the asset data affected by the vulnerability, evaluate the vulnerability repair priority of the asset data affected by the vulnerability based on the acquired vulnerability threat level and the disposal factors, and collect the asset data affected by the vulnerability after the vulnerability repair priority has been evaluated, so as to obtain and output a to-be-rectified asset list.
It should be noted that the vulnerability threat level is obtained by a vulnerability information integration module in the vulnerability management system after vulnerability integration and evaluation are performed on the basis of the acquired vulnerability information data, and is sent to the vulnerability analysis module 401.
It can be understood that the vulnerability analysis module 401 performs multi-source vulnerability integration according to the obtained vulnerability scanning result, vulnerability intelligence data and penetration data, performs association analysis on the obtained asset related data to obtain asset data affected by a vulnerability, analyzes disposal factors corresponding to assets affected by the vulnerability by combining the asset data affected by the vulnerability, and evaluates vulnerability repair priority of the asset data affected by the vulnerability based on the obtained vulnerability threat level and the disposal factors to form a to-be-rectified asset list and output the list.
It should be noted that the disposal factors are factors that affect the vulnerability rectification and disposal process for the assets affected by the vulnerability, and the disposal factors include, but are not limited to, asset importance factors and internet exposure factors of the assets.
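The correlation and priority evaluation described for module 401 can be sketched as follows. This is an added example, not code from the patent: the record layouts, asset names, vulnerability IDs, the product-matching rule for intelligence data and every numeric weight are assumptions chosen for illustration, since the patent gives no formula.

```python
# Added illustration. All asset names, vulnerability IDs, field names and
# weights below are constructed assumptions, not values from the patent.
THREAT_SCORE = {"low": 1, "medium": 2, "high": 3, "critical": 4}
IMPORTANCE_WEIGHT = {"normal": 1.0, "important": 1.5, "core": 2.0}
EXPOSURE_WEIGHT = 1.5        # disposal factor: asset is exposed to the internet
DEFAULT_THREAT = "medium"    # used when intelligence has no level for a finding

# Constructed asset related data (what the asset management module would hold).
ASSETS = {
    "app-01": {"importance": "core", "internet_exposed": True, "products": {"nginx:1.18"}},
    "db-01": {"importance": "core", "internet_exposed": False, "products": {"mysql:5.7"}},
    "test-07": {"importance": "normal", "internet_exposed": False, "products": {"nginx:1.18"}},
}
# Constructed findings from the three sources named in the text.
SCAN_RESULTS = [("app-01", "VULN-A"), ("db-01", "VULN-B")]
PENETRATION_DATA = [("app-01", "VULN-A"), ("app-01", "VULN-C")]
INTEL = {
    "VULN-A": {"threat": "high", "products": {"nginx:1.18"}},
    "VULN-B": {"threat": "medium", "products": {"mysql:5.7"}},
    "VULN-C": {"threat": "critical", "products": set()},
}


def correlate(assets, scan_results, penetration_data, intel):
    """Multi-source integration: map (asset, vuln) to the sources reporting it."""
    affected = {}
    for source, rows in (("scan", scan_results), ("pentest", penetration_data)):
        for asset_id, vuln_id in rows:
            if asset_id in assets:  # drop findings that match no known asset
                affected.setdefault((asset_id, vuln_id), set()).add(source)
    # Intelligence names products, not hosts: join it to assets by product.
    for vuln_id, info in intel.items():
        for asset_id, asset in assets.items():
            if asset["products"] & info["products"]:
                affected.setdefault((asset_id, vuln_id), set()).add("intel")
    return affected


def repair_priority(asset, threat):
    """Threat level scaled by the two disposal factors the text names."""
    score = THREAT_SCORE[threat] * IMPORTANCE_WEIGHT[asset["importance"]]
    if asset["internet_exposed"]:
        score *= EXPOSURE_WEIGHT
    return score


def to_be_rectified_list(assets, scan_results, penetration_data, intel):
    """Return affected assets ordered by descending repair priority."""
    rows = []
    affected = correlate(assets, scan_results, penetration_data, intel)
    for (asset_id, vuln_id), sources in affected.items():
        threat = intel.get(vuln_id, {}).get("threat", DEFAULT_THREAT)
        rows.append({
            "asset": asset_id,
            "vuln": vuln_id,
            "threat": threat,
            "sources": sorted(sources),
            "priority": repair_priority(assets[asset_id], threat),
        })
    rows.sort(key=lambda r: (-r["priority"], r["asset"], r["vuln"]))
    return rows


if __name__ == "__main__":
    for row in to_be_rectified_list(ASSETS, SCAN_RESULTS, PENETRATION_DATA, INTEL):
        print(row)
```

In this constructed data, test-07 enters the list from intelligence alone, which is the case that a scanner-only pipeline would miss.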
Referring to fig. 5, a schematic structural diagram of a vulnerability handling module 501 disclosed in the embodiment of the present invention is shown.
The vulnerability handling module 501 is further configured to initiate a vulnerability rectification flow on the ITSM through a docking interface between the vulnerability management system and the ITSM based on the obtained to-be-rectified asset list, and to track in real time the progress of the ITSM in executing the vulnerability rectification worksheet corresponding to the vulnerability rectification flow.
It should be noted that the vulnerability rectification worksheet is created by the ITSM based on the vulnerability repair priority in the to-be-rectified asset list.
It can be understood that the vulnerability handling module 501 initiates a vulnerability handling task based on the vulnerability repair priority in the obtained to-be-rectified asset list, schedules the ITSM platform 502, through a docking interface between the vulnerability management system and the ITSM platform 502, to create a vulnerability rectification worksheet based on the vulnerability rectification flow on the ITSM platform 502, and tracks in real time the progress of the vulnerability rectification worksheet executed on the ITSM platform 502 and corresponding to the vulnerability rectification flow.
In this embodiment, the vulnerability handling module 501 initiates a vulnerability handling task based on the vulnerability repair priority in the to-be-rectified asset list, schedules the ITSM platform 502 to create a vulnerability rectification worksheet based on the vulnerability rectification flow on the ITSM platform 502, and tracks in real time the progress of the vulnerability rectification worksheet executed on the ITSM platform 502 and corresponding to the vulnerability rectification flow, thereby widening the range of use of the vulnerability rectification flow to meet vulnerability rectification demands and improving the timeliness of vulnerability rectification.
Fig. 6 is a schematic diagram showing a flow of modules for executing vulnerability rescanning according to an embodiment of the present invention.
The vulnerability handling module 601 is further configured to receive a vulnerability rectification verification request, and send a vulnerability rescanning request to the scan management module 602.
It should be noted that the vulnerability rectification verification request is initiated by the vulnerability rectification flow on the ITSM platform, through the docking interface with the vulnerability management system, based on the rectified assets in the corresponding vulnerability rectification worksheet.
The scanning management module 602 is further configured to schedule the vulnerability scanning tool to perform vulnerability re-scanning on the rectified assets based on the vulnerability re-scanning request, and send the obtained vulnerability re-scanning result to the vulnerability analysis module 603. The vulnerability analysis module 603 is further configured to compare the received vulnerability re-scanning result with the vulnerability scanning result; if the vulnerability re-scanning result is consistent with the vulnerability scanning result, the vulnerability rectification fails, and if the vulnerability re-scanning result is inconsistent with the vulnerability scanning result, the vulnerability rectification succeeds.
It can be understood that the vulnerability handling module 601 receives the vulnerability rectification verification request, audits the vulnerability rectification situation in the vulnerability rectification worksheet in combination with the progress, tracked in real time, of the vulnerability rectification worksheet corresponding to the vulnerability rectification flow on the ITSM platform, and sends a vulnerability rescanning request to the scanning management module 602 after the audit is passed.
Based on the received vulnerability re-scanning request, the scanning management module 602 schedules a vulnerability scanning tool to perform vulnerability re-scanning on the assets whose rectification is complete in the vulnerability rectification worksheet, obtains a vulnerability re-scanning result, and sends the vulnerability re-scanning result to the vulnerability analysis module 603.
Based on the information of the rectified assets in the obtained vulnerability re-scanning result, the vulnerability analysis module 603 sends a request for the vulnerability scanning result corresponding to the asset information to the data integration pool 504, and compares the vulnerability scanning result returned by the data integration pool 604 with the vulnerability re-scanning result; if the vulnerability scanning result is consistent with the vulnerability re-scanning result, it outputs a vulnerability rectification verification result indicating that the vulnerability rectification fails, and if the vulnerability scanning result is inconsistent with the vulnerability re-scanning result, it outputs a vulnerability rectification verification result indicating that the vulnerability rectification succeeds.
It should be noted that the data integration pool 604 is used for storing asset data, vulnerability intelligence data, vulnerability scanning results, penetration data, and other various asset data accessed by the vulnerability management system.
In this embodiment, the vulnerability management system initiates vulnerability rescanning based on the obtained progress of the assets whose rectification is complete in the vulnerability rectification worksheet, compares the result with the vulnerability scanning result obtained before rectification, and obtains a vulnerability rectification verification result, thereby improving the efficiency of vulnerability rectification verification by means of automation.
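The rescan comparison performed by module 603 can be sketched as follows, with the consistent/inconsistent rule exactly as the text states it placed beside a stricter finding-level comparison. This is an added example, not code from the patent: the finding-level verdicts, the notion of rescan coverage, and all asset names and vulnerability IDs are assumptions for illustration.

```python
# Added illustration. Asset names, vulnerability IDs and the "covered" set
# are constructed assumptions; the patent specifies only the literal rule.

# Constructed pre-rectification scan results, as the data integration pool
# would return them: asset -> set of vulnerability IDs found.
BASELINE = {
    "app-01": {"VULN-A", "VULN-C"},
    "db-01": {"VULN-B"},
    "web-02": {"VULN-A"},
}
# Constructed rescan results. web-02 was offline, so the scanner returned
# nothing for it, which is different from returning "no findings".
RESCAN = {"app-01": {"VULN-C"}, "db-01": set()}
COVERED = {"app-01", "db-01"}   # assets the rescan actually reached


def literal_rule(before, after):
    """The rule as stated in the text: consistent -> failed, else succeeded."""
    return "failed" if before == after else "succeeded"


def verify_rectification(rectified_assets, baseline, rescan, covered):
    """Compare rescan with baseline per asset and per finding.

    Assumed stricter verdicts (not the patent's):
      unverified - the rescan never reached the asset
      failed     - at least one baseline finding is still present
      succeeded  - every baseline finding is gone
    """
    report = {}
    for asset in rectified_assets:
        before = baseline.get(asset, set())
        after = rescan.get(asset, set())
        entry = {"literal": literal_rule(before, after)}
        if asset not in covered:
            # An empty result from an unreachable host proves nothing.
            entry.update(verdict="unverified", still_open=[], fixed=[], new=[])
        else:
            still_open = before & after
            entry.update(
                verdict="failed" if still_open else "succeeded",
                still_open=sorted(still_open),
                fixed=sorted(before - after),
                new=sorted(after - before),   # findings introduced since baseline
            )
        report[asset] = entry
    return report


if __name__ == "__main__":
    result = verify_rectification(["app-01", "db-01", "web-02"],
                                  BASELINE, RESCAN, COVERED)
    for asset, entry in result.items():
        print(asset, entry)
```

On this constructed data the literal rule reports success for all three assets, while the finding-level comparison reports app-01 as failed (VULN-C is still open) and web-02 as unverified.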
Referring to fig. 7, a schematic flow chart of a vulnerability management method disclosed in the embodiment of the present invention is shown, where the vulnerability management method is applied to the vulnerability management system provided in the embodiment of the present invention, and the vulnerability management method includes:
S701: Schedule the vulnerability scanning tool by using the acquired first scanning related parameter information.
It should be noted that the first scanning related parameter information is obtained as follows: various asset data are accessed into the vulnerability management system through a big data cloud platform and integrated to obtain the inventory asset data in the asset data to be scanned; based on the inventory asset data, the enterprise-level process management platform ITSM is scheduled to initiate a vulnerability scanning flow; and the first scanning related parameter information is synchronously acquired based on the vulnerability scanning flow on the ITSM platform.
The vulnerability management system can acquire and integrate various asset data by docking with a big data cloud platform to form and store asset related data. Based on the inventory asset data in the asset data to be scanned in the asset related data, it sends a vulnerability scanning request to the ITSM platform through the docking interface with the ITSM platform, synchronously acquires the first scanning related parameter information corresponding to the inventory asset data based on the vulnerability scanning flow on the ITSM platform, and schedules a vulnerability scanning tool based on the first scanning related parameter information.
S702: Perform vulnerability scanning on the asset data to be scanned in the obtained asset related data by using the vulnerability scanning tool, and output a vulnerability scanning result.
S703: Perform correlation analysis on the asset related data according to the vulnerability scanning result, the vulnerability intelligence data and the penetration data to obtain asset data affected by the vulnerability, evaluate the vulnerability repair priority of the asset data affected by the vulnerability, and obtain and output a to-be-rectified asset list.
It can be understood that multi-source vulnerability integration is carried out according to the vulnerability scanning result, vulnerability intelligence data and penetration data, and correlation analysis is performed on the obtained asset related data to obtain asset data affected by vulnerabilities; the disposal factors corresponding to the assets in the asset data affected by the vulnerabilities are analyzed in combination with the asset related data; the vulnerability repair priorities of the asset data affected by the vulnerabilities are evaluated based on the obtained vulnerability threat levels and the disposal factors; and the asset data affected by the vulnerabilities, after the vulnerability repair priorities have been evaluated, are collected to obtain and output a to-be-rectified asset list.
It should be noted that the disposal factors are factors that affect the vulnerability rectification and disposal process for the assets affected by the vulnerability, and the disposal factors include, but are not limited to, asset importance factors and internet exposure factors of the assets.
S704: Schedule the ITSM based on the obtained to-be-rectified asset list to create a vulnerability rectification worksheet based on the vulnerability rectification flow on the ITSM, and execute it.
It can be understood that, based on the vulnerability repair priority in the to-be-rectified asset list, the vulnerability management system schedules the ITSM platform to create a vulnerability rectification worksheet based on the vulnerability rectification flow on the ITSM platform and to execute it.
In this embodiment, in the aspect of vulnerability rectification, the vulnerability management system may schedule the ITSM platform to create a vulnerability rectification worksheet, thereby widening the range of use of the vulnerability rectification flow to meet vulnerability rectification demands and improving the timeliness of vulnerability rectification.
The embodiment of the invention discloses a method for scanning newly added assets, which mainly comprises the following steps:
S801: Schedule the vulnerability scanning tool by using the acquired second scanning related parameter information.
It should be noted that the second scanning related parameter information is obtained as follows: various asset data are accessed into the vulnerability management system through a big data cloud platform and integrated to obtain the newly added asset data in the asset data to be scanned; based on the newly added asset data, the enterprise-level process management platform ITSM is scheduled to initiate an agile delivery flow; and the second scanning related parameter information is synchronously acquired based on the vulnerability scanning flow embedded in the agile delivery flow on the ITSM platform.
The vulnerability management system can acquire and integrate various asset data by docking with a big data cloud platform to form and store asset related data. Based on the newly added asset data in the asset data to be scanned in the asset related data, it sends a vulnerability scanning request to the ITSM platform through the docking interface with the ITSM platform, synchronously acquires the second scanning related parameter information corresponding to the newly added asset data based on the vulnerability scanning flow embedded in the agile delivery flow on the ITSM platform, and schedules a vulnerability scanning tool based on the second scanning related parameter information.
S802: Perform vulnerability scanning on the newly added asset data in the acquired asset data to be scanned by using the vulnerability scanning tool, and output a vulnerability scanning result.
It can be understood that the vulnerability management system utilizes the vulnerability scanning tool to perform vulnerability scanning on newly added asset data in the acquired asset data to be scanned based on the synchronously acquired second scanning related parameter information, and outputs vulnerability scanning results corresponding to the newly added asset data.
In this embodiment, the vulnerability management system creates a vulnerability scanning worksheet based on the newly added asset data in the acquired asset data to be scanned, schedules the ITSM platform to initiate an agile delivery process based on the vulnerability scanning worksheet, and synchronously acquires the second scanning related parameter information based on the agile delivery process initiated on the ITSM platform, thereby effectively reducing the manual communication cost of vulnerability scanning.
The method for monitoring the flow on the ITSM disclosed in the embodiment of the present invention comprises the following steps:
S901: Based on the acquired to-be-rectified asset list, initiate a vulnerability rectification flow on the ITSM through the docking interface with the ITSM.
It can be understood that the vulnerability management system initiates a vulnerability handling task based on the vulnerability repair priority in the obtained to-be-rectified asset list, and schedules the ITSM platform, through a docking interface between the vulnerability management system and the ITSM platform, to create a vulnerability rectification worksheet based on the vulnerability rectification flow on the ITSM platform.
S902: Track in real time the progress of the ITSM in executing the vulnerability rectification worksheet corresponding to the vulnerability rectification flow.
It can be understood that the vulnerability management system tracks in real time, through a docking interface between the vulnerability management system and the ITSM platform, the progress of the vulnerability rectification worksheet executed on the ITSM platform and corresponding to the vulnerability rectification flow.
In this embodiment, the vulnerability management system initiates a vulnerability handling task based on the vulnerability repair priority in the to-be-rectified asset list, schedules the ITSM platform to create a vulnerability rectification worksheet based on the vulnerability rectification flow on the ITSM platform, and tracks in real time the progress of the vulnerability rectification worksheet executed on the ITSM platform and corresponding to the vulnerability rectification flow, thereby widening the range of use of the vulnerability rectification flow to meet vulnerability rectification demands and improving the timeliness of vulnerability rectification.
The method for executing vulnerability rescanning disclosed in the embodiment of the present invention comprises the following steps:
S1001: Receive a vulnerability rectification verification request.
It should be noted that the vulnerability rectification verification request is initiated by the vulnerability rectification flow on the ITSM platform, through the docking interface with the vulnerability management system, based on the rectified assets in the corresponding vulnerability rectification worksheet.
It can be understood that the vulnerability management system receives the vulnerability rectification verification request, audits the vulnerability rectification situation in the vulnerability rectification worksheet in combination with the progress, tracked in real time, of the vulnerability rectification worksheet corresponding to the vulnerability rectification flow on the ITSM platform, and initiates vulnerability rescanning after the audit is passed.
S1002: Based on the received vulnerability rectification verification request, schedule a vulnerability scanning tool to perform vulnerability re-scanning on the assets whose rectification is complete, to obtain a vulnerability re-scanning result.
It should be noted that the assets whose rectification is complete are sent to the vulnerability management system by the vulnerability rectification flow on the ITSM platform, based on the assets whose rectification is complete in the corresponding vulnerability rectification worksheet, through the docking interface with the vulnerability management system.
S1003: Compare the obtained vulnerability re-scanning result with the vulnerability scanning result to obtain and output a vulnerability rectification verification result.
It can be understood that, based on the information of the rectified assets in the obtained vulnerability re-scanning result, the vulnerability management system obtains the vulnerability scanning result corresponding to the asset information and compares the vulnerability re-scanning result with the vulnerability scanning result; if the vulnerability scanning result is consistent with the vulnerability re-scanning result, a vulnerability rectification verification result indicating that the vulnerability rectification fails is output, and if the vulnerability scanning result is inconsistent with the vulnerability re-scanning result, a vulnerability rectification verification result indicating that the vulnerability rectification succeeds is output.
In this embodiment, the vulnerability management system initiates vulnerability rescanning based on the obtained progress of the assets whose rectification is complete in the vulnerability rectification worksheet, compares the result with the vulnerability scanning result obtained before rectification, and obtains a vulnerability rectification verification result, thereby improving the efficiency of vulnerability rectification verification by means of automation.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are only illustrative, wherein the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A vulnerability management system, comprising:
the scanning management module is used for scheduling a vulnerability scanning tool by using the acquired first scanning related parameter information, performing vulnerability scanning on asset data to be scanned in the acquired asset related data by using the vulnerability scanning tool, and outputting a vulnerability scanning result, wherein the first scanning related parameter information is acquired by an enterprise-level process management platform ITSM based on a vulnerability scanning request and is synchronized to the vulnerability management system, and the asset related data is acquired and integrated by the asset management module;
the vulnerability analysis module is used for performing correlation analysis on the asset related data according to the vulnerability scanning result, vulnerability information data and penetration data to obtain asset data affected by the vulnerability, evaluating vulnerability repair priority of the asset data affected by the vulnerability to obtain an asset list to be rectified and output, wherein the vulnerability information data is obtained based on the vulnerability information integration module, and the penetration data is obtained by the penetration test module according to a pre-introduced penetration test report template;
and the vulnerability handling module is used for scheduling the ITSM based on the obtained asset list to be rectified, creating a vulnerability rectification worksheet based on the vulnerability rectification flow on the ITSM, and executing the worksheet.
2. The system of claim 1, wherein the scan management module is further configured to:
and when second scanning related parameter information corresponding to the newly added assets is received, scheduling a vulnerability scanning tool to carry out vulnerability scanning on the newly added assets by using the obtained second scanning related parameter information, and outputting vulnerability scanning results, wherein the second scanning related parameter information is obtained by the ITSM based on a vulnerability scanning request of the newly added assets and is synchronized to the vulnerability management system.
3. The system of claim 1, wherein the vulnerability analysis module is specifically configured to:
automatically synchronizing the vulnerability intelligence data from the cloud at preset time intervals by utilizing the vulnerability intelligence integration module, performing correlation analysis on the asset related data according to the vulnerability scanning result, the penetration data and the vulnerability intelligence data, and outputting the to-be-rectified asset list,
alternatively,
acquiring vulnerability intelligence data manually selected or manually input in the vulnerability intelligence integration module, performing correlation analysis on the asset related data according to the vulnerability scanning result, the penetration data and the vulnerability intelligence data, and outputting the to-be-rectified asset list.
4. The system of claim 1, wherein the vulnerability analysis module is specifically configured to:
performing correlation analysis on the obtained asset related data based on the obtained vulnerability scanning result, vulnerability intelligence data and penetration data to obtain asset data affected by the vulnerability, analyzing the disposal factors of the asset data affected by the vulnerability, evaluating the vulnerability repair priority of the asset data affected by the vulnerability based on the obtained vulnerability threat level and the disposal factors, and collecting the asset data affected by the vulnerability after the vulnerability repair priority has been evaluated, to obtain and output a to-be-rectified asset list, wherein the vulnerability threat level is obtained based on the vulnerability intelligence integration module.
5. The system of claim 1, wherein the vulnerability handling module is further configured to:
based on the obtained to-be-rectified asset list, initiating a vulnerability rectification flow on the ITSM through a docking interface between the vulnerability management system and the ITSM, and tracking the progress of the ITSM executing a vulnerability rectification worksheet corresponding to the vulnerability rectification flow in real time, wherein the vulnerability rectification worksheet is created by the ITSM based on vulnerability remediation priorities in the to-be-rectified asset list.
6. The system according to any one of claims 1 to 5,
the vulnerability handling module is further used for receiving a vulnerability rectification verification request and sending a vulnerability re-scanning request to the scanning management module, wherein the vulnerability rectification verification request is initiated by the vulnerability rectification flow based on the rectified assets;
the scanning management module is further used for scheduling the vulnerability scanning tool to perform vulnerability re-scanning on the rectified assets based on the vulnerability re-scanning request, and sending the obtained vulnerability re-scanning result to the vulnerability analysis module;
the vulnerability analysis module is further used for comparing the received vulnerability re-scanning result with the vulnerability scanning result, wherein if the vulnerability re-scanning result is consistent with the vulnerability scanning result, the vulnerability rectification fails, and if the vulnerability re-scanning result is inconsistent with the vulnerability scanning result, the vulnerability rectification succeeds.
7. A vulnerability management method, the method comprising:
scheduling a vulnerability scanning tool by using the acquired first scanning related parameter information, wherein the first scanning related parameter information is acquired by an enterprise-level process management platform ITSM based on a vulnerability scanning request and is synchronized to the vulnerability management system;
utilizing the vulnerability scanning tool to carry out vulnerability scanning on asset data to be scanned in the obtained asset related data and outputting vulnerability scanning results, wherein the asset related data is obtained and integrated by an asset management module;
performing correlation analysis on the asset related data according to the vulnerability scanning result, vulnerability information data and penetration data to obtain asset data influenced by a vulnerability, evaluating vulnerability repair priority of the asset data influenced by the vulnerability to obtain and output a to-be-rectified asset list, wherein the vulnerability information data is obtained based on a vulnerability information integration module, and the penetration data is obtained by a penetration testing module according to a pre-introduced penetration testing report template;
and scheduling the ITSM based on the obtained asset list to be rectified, creating a vulnerability rectification worksheet based on the vulnerability rectification flow on the ITSM, and executing.
8. The method of claim 7, further comprising:
and scheduling a vulnerability scanning tool by using the acquired second scanning related parameter information corresponding to the newly added assets, performing vulnerability scanning on the newly added asset data in the acquired asset data to be scanned by using the vulnerability scanning tool, and outputting vulnerability scanning results, wherein the second scanning related parameter information corresponding to the newly added assets is acquired by the ITSM based on a newly added asset vulnerability scanning request sent by the vulnerability management system and is synchronized to the vulnerability management system.
9. The method of claim 7, further comprising:
based on the obtained to-be-rectified asset list, initiating a vulnerability rectification flow on the ITSM through a docking interface with the ITSM, and tracking in real time the progress of the ITSM in executing the vulnerability rectification worksheet corresponding to the vulnerability rectification flow, wherein the vulnerability rectification worksheet is created by the ITSM based on the vulnerability repair priority in the to-be-rectified asset list.
10. The method of claim 7, further comprising:
receiving a vulnerability rectification verification request initiated by the vulnerability rectification flow on the ITSM based on assets whose rectification is complete;
scheduling the vulnerability scanning tool to perform vulnerability re-scanning on the rectified assets based on the received vulnerability rectification verification request to obtain vulnerability re-scanning results;
and comparing the obtained vulnerability re-scanning result with the vulnerability scanning result, wherein if the vulnerability re-scanning result is consistent with the vulnerability scanning result, the vulnerability has not been completely rectified, and if the vulnerability re-scanning result is inconsistent with the vulnerability scanning result, the vulnerability has been successfully rectified.
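The flow of claims 7 and 10, as an added example that is not part of the patent text: scan findings are correlated with asset, vulnerability information and penetration data, ranked into a to-be-rectified list, and a re-scan is compared with the original scan. The field names, scoring weights and sample records are assumptions constructed for illustration (the claims do not say how priority is computed), and the re-scan check goes beyond the claim's consistent/inconsistent test by reporting remaining and new findings per asset.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    asset_id: str
    vuln_id: str     # placeholder IDs constructed for this example
    severity: float  # scanner severity on a 0-10 scale (assumed)

# Constructed sample inputs standing in for the modules named in claim 7.
ASSETS = {"srv-01": {"internet_facing": True}, "db-02": {"internet_facing": False}}
SCAN = [Finding("srv-01", "VULN-A", 7.5), Finding("srv-01", "VULN-B", 4.0),
        Finding("db-02", "VULN-A", 7.5)]
INTEL_EXPLOITED = {"VULN-B"}               # vulnerability information data
PENTEST_CONFIRMED = {("db-02", "VULN-A")}  # penetration data

def priority(f, assets, intel, pentest):
    """Assumed scoring: severity plus weights for exposure and evidence."""
    score = f.severity
    score += 2.0 if assets[f.asset_id]["internet_facing"] else 0.0
    score += 3.0 if f.vuln_id in intel else 0.0
    score += 3.0 if (f.asset_id, f.vuln_id) in pentest else 0.0
    return score

def rectification_list(scan, assets, intel, pentest):
    """Correlate findings with known assets and rank them, highest first."""
    ranked = [(priority(f, assets, intel, pentest), f)
              for f in scan if f.asset_id in assets]
    return sorted(ranked, key=lambda p: (-p[0], p[1].asset_id, p[1].vuln_id))

def verify_rectification(asset_id, original, rescan):
    """Compare the re-scan with the original scan for one asset."""
    before = {f.vuln_id for f in original if f.asset_id == asset_id}
    after = {f.vuln_id for f in rescan if f.asset_id == asset_id}
    remaining = before & after
    if after == before:
        status = "not rectified"        # results consistent, as in claim 10
    elif remaining:
        status = "partially rectified"  # some original findings persist
    else:
        status = "rectified"            # no original finding remains
    return {"status": status, "remaining": sorted(remaining),
            "new": sorted(after - before)}
```

Reporting new findings separately keeps a re-scan that merely differs from the original from being read as a successful fix.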
CN202111601788.8A 2021-12-24 2021-12-24 Vulnerability management system and method Pending CN114238995A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111601788.8A CN114238995A (en) 2021-12-24 2021-12-24 Vulnerability management system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111601788.8A CN114238995A (en) 2021-12-24 2021-12-24 Vulnerability management system and method

Publications (1)

Publication Number Publication Date
CN114238995A true CN114238995A (en) 2022-03-25

Family

ID=80762778

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111601788.8A Pending CN114238995A (en) 2021-12-24 2021-12-24 Vulnerability management system and method

Country Status (1)

Country Link
CN (1) CN114238995A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116881923A (en) * 2023-07-12 2023-10-13 北京门石信息技术有限公司 IoT device security management method, system, medium and device

Similar Documents

Publication Publication Date Title
US20210334821A1 (en) Platform for facilitating an automated it audit
US9208324B2 (en) System and method to perform secure web application testing based on a hybrid pipelined approach
US9189772B2 (en) Control and verification of permissions
US8972578B2 (en) Master data management system for monitoring cloud computing
US10009227B2 (en) Network service provisioning tool and method
Javaid et al. A comprehensive people, process and technology (PPT) application model for Information Systems (IS) risk management in small/medium enterprises (SME)
Rahman et al. Security misconfigurations in open source kubernetes manifests: An empirical study
US20160036824A1 (en) Control and verification of permissions
WO2010031699A1 (en) Governing service identification in a service oriented architecture ('soa') governance model
CN114626069A (en) Threat modeling method and device
CN114238995A (en) Vulnerability management system and method
CN111274136B (en) Onboard software test management system and test process management method
Anshari et al. Designing An Attendance System Model for Work From Home (WFH) Employees Based on User-Centered
US20240037570A1 (en) Method for managing, evaluating and improving identity governance and administration
CN113836237A (en) Method and device for auditing data operation of database
CN109992251B (en) Business variable-oriented software development scheme generation method
Huang et al. An efficient framework for IT controls of bill 198 (Canada Sarbanes-Oxley) compliance by aligning COBIT 4.1, ITIL v3 and ISO/IEC 27002
Orue-Echevarria et al. MEDINA: Improving Cloud Services trustworthiness through continuous audit-based certification
Maulani et al. Bug Bounty Hunting: A Case Study of Successful Vulnerability Discovery and Disclosure
CN116226865A (en) Security detection method, device, server, medium and product of cloud native application
Omotunde et al. A hybrid threat model for software security requirement specification
CN102763096A (en) Medical image processing system and medical image processing server
Wu et al. On an agent-based architecture for collaborative continuous auditing
Kang et al. CIA-Level driven secure SDLC framework for integrating security into SDLC process
CN103530232A (en) Method and device for building software testing management framework

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination