CN114741291A - Method, device, equipment and medium for automatically submitting vulnerability information - Google Patents

Method, device, equipment and medium for automatically submitting vulnerability information Download PDF

Info

Publication number
CN114741291A
CN114741291A CN202210347815.1A CN202210347815A CN114741291A CN 114741291 A CN114741291 A CN 114741291A CN 202210347815 A CN202210347815 A CN 202210347815A CN 114741291 A CN114741291 A CN 114741291A
Authority
CN
China
Prior art keywords
vulnerability
target
vulnerability information
test result
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210347815.1A
Other languages
Chinese (zh)
Inventor
靳云杰
秦晓宁
许飞
陈颖
颜顺鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nettrix Information Industry Beijing Co Ltd
Original Assignee
Nettrix Information Industry Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nettrix Information Industry Beijing Co Ltd filed Critical Nettrix Information Industry Beijing Co Ltd
Priority to CN202210347815.1A priority Critical patent/CN114741291A/en
Publication of CN114741291A publication Critical patent/CN114741291A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3692Test management for test results analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The invention discloses a method, a device, equipment and a medium for automatically submitting vulnerability information. The method comprises the following steps: acquiring a test result file matched with a target test product, and acquiring at least one item of vulnerability information matched with the target test product according to the test result file; performing self-consistency detection and/or normative inspection on each vulnerability information, and acquiring target vulnerability information passing the detection; respectively extracting associated test result fragments corresponding to each target vulnerability information in the test result file; and automatically submitting each target vulnerability information and the matched associated test result fragments to a vulnerability management system. By the technical scheme, the vulnerability information can be efficiently and accurately submitted to the vulnerability management system, and the product testing efficiency is improved.

Description

Method, device, equipment and medium for automatically submitting vulnerability information
Technical Field
The invention relates to the technical field of product testing, in particular to a method, a device, equipment and a medium for automatically submitting vulnerability information.
Background
With the gradual development of the product testing field, the tested vulnerability information is submitted to a vulnerability management system, so that testers can manage the vulnerability information appearing in the testing process, and the direction of paying attention to each enterprise is formed by conveniently checking and solving the vulnerability information appearing in the testing process.
In the prior art, testers are usually required to manually record and upload the appeared bug information, so that the accuracy and efficiency of the bug information submission are greatly influenced by the working experience and knowledge storage of the testers. Therefore, how to efficiently and accurately submit the vulnerability information to the vulnerability management system and improve the efficiency of product testing is a problem to be solved urgently at present.
Disclosure of Invention
The invention provides a method, a device, equipment and a medium for automatically submitting vulnerability information, which can solve the problems of low accuracy and efficiency of vulnerability information submission.
According to an aspect of the present invention, there is provided a method for automatically submitting vulnerability information, including:
obtaining a test result file matched with a target test product, and obtaining at least one item of vulnerability information matched with the target test product according to the test result file;
carrying out self-consistency detection and/or normative inspection on each vulnerability information, and acquiring target vulnerability information passing detection;
respectively extracting associated test result fragments corresponding to each target vulnerability information in the test result file;
and automatically submitting each target vulnerability information and the matched associated test result fragments to a vulnerability management system.
Optionally, obtaining at least one item of vulnerability information matched with the target test product according to the test result file includes:
reading each test result item included in the test result file line by line;
and identifying target keywords in each test result item, and extracting vulnerability information from the test result items with the identified target keywords.
According to the technical scheme, the target keyword is used for automatically extracting the vulnerability information in the test result file, the problem that some quickly disappeared vulnerability information is difficult to extract manually is solved, and the extraction rate and the accuracy of the vulnerability information can be improved.
Optionally, the self-consistency detection of each vulnerability information includes:
extracting a target project name from the currently processed target vulnerability information, and carrying out consistency detection on the project name and a standard project name of the target test product; or alternatively
Extracting target vulnerability classification and target log error information from the currently processed target vulnerability information, and carrying out adaptive detection on the target vulnerability classification and the target log error information.
According to the technical scheme, the project names in the vulnerability information are compared with the standard project names of the test products, or the vulnerability classification and the log error information in the vulnerability information are compared, so that the detection standard is provided for the project names of the vulnerability information and the vulnerability classification detection, the vulnerability information of which the project names and the vulnerability classification meet the requirements can be screened out, and an effective basis is provided for subsequent operation.
Optionally, the normative checking is performed on each vulnerability information, and the checking includes:
acquiring at least one necessary vulnerability description item corresponding to the vulnerability management system, and detecting whether all the necessary vulnerability description items are included in the vulnerability information; or
And performing duplicate removal check on each vulnerability information according to the existing vulnerability information in the vulnerability management system.
According to the technical scheme, the vulnerability information is compared with the necessary vulnerability description items of the vulnerability management system, or the current vulnerability information is screened from the vulnerability information existing in the vulnerability management system, so that the detection standard is provided for vulnerability description item detection and duplicate removal detection of the vulnerability information, the vulnerability description items can be screened out, the duplicate removal detection meets the requirement, and an effective basis is provided for subsequent operation.
Optionally, after obtaining the target vulnerability information that passes the detection, the method further includes:
after connection with an application program interface of a database is established, uploading the target vulnerability information to the database for centralized storage;
in the test result file, extracting respectively associated test result fragments corresponding to each target vulnerability information, including:
and when the condition that the batch submission is met is detected, acquiring each target vulnerability information from the database in batch, and extracting the associated test result fragments corresponding to each target vulnerability information in the test result file respectively.
According to the technical scheme, the vulnerability information which is detected through self-consistency and normative is stored in the database, so that subsequent management and batch extraction of the vulnerability information are facilitated.
Optionally, automatically submitting each target vulnerability information and the matched associated test result fragment to the vulnerability management system includes:
identifying target association test result fragments with data volume less than or equal to a data volume threshold of the vulnerability management system;
and automatically submitting the target association test result fragments and the matched target vulnerability information to a vulnerability management system.
According to the technical scheme, the size of the associated test result fragment is detected, the associated test result fragment meeting the requirements of the vulnerability management system is submitted together with vulnerability information, so that testers can check and solve the vulnerability information in time, and the test efficiency is improved.
Optionally, the vulnerability information includes: the system comprises a target test product serial number, a test system Internet protocol address, a project name, vulnerability classification, vulnerability occurrence time, operating system information, central processing unit information and log error information.
According to the technical scheme, the specific content of the vulnerability information can be displayed by statically limiting the vulnerability information.
According to another aspect of the present invention, there is provided an apparatus for automatically submitting vulnerability information, the apparatus including:
the data acquisition module is used for acquiring a test result file matched with a target test product and acquiring at least one item of vulnerability information matched with the target test product according to the test result file;
the data detection module is used for carrying out self-consistency detection and/or normative check on the vulnerability information and acquiring target vulnerability information passing the detection;
the test result extraction module is used for respectively extracting the associated test result fragments corresponding to each target vulnerability information in the test result file;
and the data submitting module is used for automatically submitting the target vulnerability information and the matched associated test result fragments to a vulnerability management system.
According to another aspect of the present invention, there is provided an electronic apparatus including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor, and the computer program is executed by the at least one processor to enable the at least one processor to execute the method for automatically submitting vulnerability information according to any embodiment of the present invention.
According to another aspect of the present invention, there is provided a computer-readable storage medium storing computer instructions for causing a processor to implement the method for automatically submitting vulnerability information according to any of the embodiments of the present invention when executed.
According to the technical scheme of the embodiment of the invention, the acquired vulnerability information is subjected to self-consistency detection and normative inspection, and the vulnerability information meeting the self-consistency detection and the normative inspection and the corresponding associated test result are automatically fragmented and submitted to the vulnerability management system, so that the problem that the accuracy and the efficiency of the vulnerability information cannot be effectively guaranteed when a tester submits the vulnerability information manually is solved, the vulnerability information can be submitted to the vulnerability management system efficiently and accurately, and the efficiency of product testing is improved.
It should be understood that the statements in this section are not intended to identify key or critical features of the embodiments of the present invention, nor are they intended to limit the scope of the invention. Other features of the present invention will become apparent from the following description.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of a method for automatically submitting vulnerability information according to an embodiment of the present invention;
fig. 2a is a flowchart of a method for automatically submitting vulnerability information according to a second embodiment of the present invention;
fig. 2b is a schematic flowchart of a method for automatically submitting vulnerability information according to a second embodiment of the present invention;
fig. 2c is a flowchart of a preferred automatic vulnerability information submission method according to the second embodiment of the present invention;
fig. 3 is a schematic structural diagram of an apparatus for automatically submitting vulnerability information according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device implementing the method for automatically submitting vulnerability information according to the embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "comprises" and "comprising," and any variations thereof, in the description and claims of the present invention and the above-described drawings, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example one
Fig. 1 is a flowchart of a method for automatically submitting vulnerability information according to an embodiment of the present invention, where the embodiment is applicable to a situation where vulnerability information is automatically submitted, and the method may be executed by a device for automatically submitting vulnerability information, where the device for automatically submitting vulnerability information may be implemented in a form of hardware and/or software, and the device for automatically submitting vulnerability information may be configured in an electronic device. As shown in fig. 1, the method includes:
s110, obtaining a test result file matched with a target test product, and obtaining at least one item of vulnerability information matched with the target test product according to the test result file.
The target test product may refer to a product tested by a tester, and exemplarily, the target test product may be an entity product, such as a server or a single chip microcomputer; but also virtual products such as applications and the like. The test result file may refer to a log file generated by a process that includes testing the target test product, e.g.,. log formatted test file. The vulnerability information can refer to information containing vulnerability problems of the target test product; optionally, the vulnerability information includes: the system comprises a target test product serial number, a test system Internet protocol address, a project name, vulnerability classification, vulnerability occurrence time, operating system information, central processing unit information and log error information.
It should be noted that the test result file may have no vulnerability information, and if it is detected that the vulnerability information does not exist in the test result file, the operation of extracting the vulnerability information in the test result file is terminated.
And S120, carrying out self-consistency detection and/or normative check on each vulnerability information, and acquiring target vulnerability information passing the detection.
The self-consistency detection may refer to performing information consistency check on the vulnerability information according to the content of the vulnerability information, that is, detecting whether information covering the same content in the vulnerability information indicates consistency. The normative check may refer to checking a format of the vulnerability information according to a submission specification of the vulnerability management system or checking whether vulnerability information consistent with the vulnerability information exists in the vulnerability management system. The vulnerability management system may refer to a system for uniformly managing vulnerability information, such as a Mantis system. Target vulnerability information may refer to vulnerability information that satisfies self-consistency detection and normative checks.
In an optional implementation, the self-consistency detection of each vulnerability information includes: extracting a target project name from the currently processed target vulnerability information, and carrying out consistency detection on the project name and a standard project name of the target test product; or extracting target vulnerability classification and target log error information from the currently processed target vulnerability information, and carrying out adaptability detection on the target vulnerability classification and the target log error information. The target project name can refer to a test project name of a current target test product displayed in the vulnerability information, such as an application program test project; the standard project name can refer to the name of the test project where the current target test product is actually located; the target vulnerability classification may refer to a type of error occurring in the target mapping test product, such as a Central Processing Unit (CPU) error or a memory error; the target log error reporting information can indicate that the log information with errors is displayed in the test process of the target mapping test product. Therefore, by comparing the item names in the vulnerability information with the standard item names of the tested products, or comparing the vulnerability classification in the vulnerability information with the log error information, the detection standard is provided for the item names of the vulnerability information and the vulnerability classification detection, the vulnerability information meeting the requirement of the item names and the vulnerability classification can be screened out, and an effective basis is provided for subsequent operation.
In another optional implementation, the normative checking of each vulnerability information includes: acquiring at least one necessary vulnerability description item corresponding to the vulnerability management system, and detecting whether all the necessary vulnerability description items are included in the vulnerability information; or according to the existing vulnerability information in the vulnerability management system, performing duplicate removal check on each vulnerability information. The essential vulnerability description item can refer to a submission format which is satisfied when vulnerability information specified by a vulnerability management system is submitted, for example, description information which must be possessed when the vulnerability information is submitted to the vulnerability management system, and exemplarily, if the essential vulnerability description item of the vulnerability management system comprises a target test product serial number, a project name, a vulnerability classification and log error information; however, the vulnerability information of the target test product only contains the project name, vulnerability classification and log error information, and the vulnerability information does not meet the normative check if the serial number of the target test product is lacked. The duplicate removal check may refer to screening whether vulnerability information consistent with the vulnerability information of the target test product exists in vulnerability information existing in the vulnerability management system. Therefore, by comparing the vulnerability information with the necessary vulnerability description items of the vulnerability management system or screening the current vulnerability information from the existing vulnerability information in the vulnerability management system, the detection standard is provided for the vulnerability description item detection and the duplicate removal detection of the vulnerability information, the vulnerability description item can be screened out, the duplicate removal detection meets the requirement, and an effective basis is provided for subsequent operation.
And S130, respectively extracting the associated test result fragments corresponding to each target vulnerability information in the test result file.
The associated test result fragment may refer to a test log fragment containing target vulnerability information in the test result file, for example, a log line containing the target vulnerability information and a set line before and after the log line, and the number of lines of the test log fragment in the associated test result fragment needs to be set according to an actual test requirement, which is not limited in the embodiment of the present invention.
And S140, automatically submitting the target vulnerability information and the matched associated test result fragments to a vulnerability management system.
Because the specific position of the vulnerability in the target vulnerability information cannot be clearly indicated, in order to facilitate accurate analysis and modification of the vulnerability by a tester in the later stage, the related test results containing the specific position of the vulnerability need to be fragmented and submitted to the vulnerability management system, and the test efficiency of the project can be effectively improved.
According to the technical scheme of the embodiment of the invention, the acquired vulnerability information is subjected to self-consistency detection and normative inspection, and the vulnerability information meeting the self-consistency detection and the normative inspection and the corresponding associated test result are automatically fragmented and submitted to the vulnerability management system, so that the problem that the accuracy and the efficiency of the vulnerability information cannot be effectively guaranteed when a tester submits the vulnerability information manually is solved, the vulnerability information can be submitted to the vulnerability management system efficiently and accurately, and the efficiency of product testing is improved.
Example two
Fig. 2a is a flowchart of a method for automatically submitting vulnerability information according to a second embodiment of the present invention, where the embodiment is added based on the foregoing embodiment, and the adding after obtaining target vulnerability information that passes detection specifically includes: after connection with an application program interface of a database is established, uploading the target vulnerability information to the database for centralized storage; in the test result file, extracting respectively associated test result fragments corresponding to each target vulnerability information, including: and when the condition that the batch submission is met is detected, acquiring each target vulnerability information from the database in batch, and extracting the associated test result fragments corresponding to each target vulnerability information in the test result file respectively. As shown in fig. 2a, the method comprises:
s210, obtaining a test result file matched with a target test product, and reading each test result item included in the test result file line by line.
The test result item may refer to a test result included in each log line of the test result file.
S220, identifying target keywords in each test result item, and extracting vulnerability information from the test result items with the target keywords.
The target keyword may refer to a preset keyword for extracting vulnerability information, for example, the target keyword may be an ERROR keyword, and specifically, if a test result item includes the ERROR keyword, the test result item is considered to include vulnerability information, that is, the content after the ERROR keyword is extracted from the test result item is used as vulnerability information.
Therefore, the vulnerability information in the test result file is automatically extracted by using the target keyword, the problem that some quickly disappeared vulnerability information is difficult to extract manually is solved, and the extraction rate and the accuracy of the vulnerability information can be improved.
And S230, carrying out self-consistency detection and/or normative check on the vulnerability information, and acquiring target vulnerability information passing detection.
And S240, after connection with an application program interface of the database is established, uploading the target vulnerability information to the database for centralized storage.
The database may refer to a set for storing and orderly managing vulnerability information, such as a MySQL database.
In an optional implementation manner, if the vulnerability information does not pass the self-consistency detection and the normative inspection, the submission operation of the current vulnerability information is stopped, and the specific reasons that the vulnerability information does not pass the self-consistency detection and the normative inspection are displayed, so that the subsequent improvement of the tester is facilitated.
And S250, when the condition that the batch submission is met is detected, obtaining each target vulnerability information from the database in batch, and respectively extracting the associated test result fragments corresponding to each target vulnerability information in the test result file.
The batch submission condition may refer to a set condition for batch submitting the vulnerability information to the vulnerability management system, such as the number of the vulnerability information batch submitted to the vulnerability management system, or the generation time of the vulnerability information batch submitted to the vulnerability management system; for example, in order to ensure timeliness of vulnerability information submission, it is generally required to ensure that vulnerability information obtained by a test in a current working day can be submitted in the current working day, and therefore, a plurality of vulnerability information included in the same test result file in the current working day can be submitted as target vulnerability information, so that submission time is saved, and product testing efficiency is improved. Specifically, if the vulnerability information in the current database meets the batch submission condition, the vulnerability information meeting the batch submission condition is used as target vulnerability information, and the associated test result fragments corresponding to each target vulnerability information are extracted to provide a preparation basis for subsequent work.
Therefore, the vulnerability information passing through self-consistency detection and normative examination is stored in the database, so that subsequent management and batch extraction of the vulnerability information are facilitated.
And S260, identifying the target association test result fragments of which the data volume is less than or equal to the data volume threshold of the vulnerability management system.
The data volume threshold of the vulnerability management system may refer to a size threshold of an uploaded log file specified by the vulnerability management system, and for example, taking a Mantis system as an example, a maximum number of files displayed on the Mantis 20000K, that is, the size of the uploaded log file is specified not to exceed 20000K, and then the data volume threshold of the Mantis 20000K. The target association test result fragment may refer to an association test result fragment that meets a data volume threshold of the vulnerability management system.
Therefore, by screening out the associated test result fragments which meet the data volume threshold of the vulnerability management system, the problem of reduced product test efficiency caused when the associated test result fragments which do not meet the data volume threshold of the vulnerability management system are uploaded to the vulnerability management system can be solved.
And S270, the target association test result is fragmented, and the matched target vulnerability information is automatically submitted to a vulnerability management system.
Therefore, by detecting the size of the associated test result fragment, the associated test result fragment meeting the requirements of the vulnerability management system is handed up together with the vulnerability information, so that testers can check and solve the vulnerability information in time, and the test efficiency is improved.
In an optional implementation manner, if the relevant test result fragment matched with the vulnerability information does not meet the data volume threshold of the vulnerability management system, the vulnerability information is uploaded to the vulnerability management system separately, so that subsequent testers can manage the vulnerability information conveniently.
According to the technical scheme of the embodiment of the invention, vulnerability information is extracted from a test result file matched with a target test product by using a target keyword, and the vulnerability information which meets self-consistency detection and normative detection is uploaded to the database to be stored in a centralized manner; when the batch submission condition is met, acquiring each target vulnerability information in batch from the database, extracting the associated test result fragments corresponding to each target vulnerability information in the test result file, identifying the target associated test result fragments with the data volume less than or equal to the data volume threshold value of the vulnerability management system, and automatically submitting the target associated test result fragments and the matched target vulnerability information to the vulnerability management system.
Fig. 2b is a schematic flowchart of a method for automatically submitting vulnerability information according to a second embodiment of the present invention; the method mainly comprises four processes of data extraction, data connection, information check and data uploading. Fig. 2c is a flowchart of a preferred automatic vulnerability information submission method according to a second embodiment of the present invention; specifically, firstly, vulnerability information (namely bug information) occurring in the test process is obtained; then, the vulnerability management system is respectively connected with an application program interface of the vulnerability management system and an application program interface of the database; further, carrying out self-consistency detection and normative inspection on the acquired vulnerability information, and uploading the vulnerability information conforming to the self-consistency detection and the normative inspection to a database for storage; if the vulnerability information does not conform to the self-consistency detection and the normative examination, quitting the operation and displaying the specific reasons that the vulnerability information does not conform to the self-consistency detection and the normative examination; finally, extracting vulnerability information from the database in batch, extracting associated test result fragments matched with the vulnerability information, judging the size of the associated test result fragments, and packaging and uploading the associated test result fragments and the corresponding vulnerability information to a vulnerability management system if the size of the associated test result fragments meets the data volume threshold of the vulnerability management system; and if the size of the associated test result fragment does not accord with the data volume threshold of the vulnerability management system, only uploading the vulnerability information to the vulnerability management system.
EXAMPLE III
Fig. 3 is a schematic structural diagram of an apparatus for automatically submitting vulnerability information according to a third embodiment of the present invention. As shown in fig. 3, the apparatus includes: the test system comprises a data acquisition module 310, a data detection module 320, a test result extraction module 330 and a data submission module 340;
the data acquisition module 310 is configured to acquire a test result file matched with a target test product, and acquire at least one item of vulnerability information matched with the target test product according to the test result file;
the data detection module 320 is configured to perform self-consistency detection and/or normative check on each piece of vulnerability information, and acquire target vulnerability information that passes the detection;
a test result extracting module 330, configured to extract, in the test result file, associated test result fragments corresponding to each target vulnerability information respectively;
and the data submitting module 340 is configured to automatically submit the target vulnerability information and the matched associated test result fragments to the vulnerability management system.
According to the technical scheme of the embodiment of the invention, the acquired vulnerability information is subjected to self-consistency detection and normative inspection, and the vulnerability information meeting the self-consistency detection and the normative inspection and the corresponding associated test result are automatically fragmented and submitted to the vulnerability management system, so that the problem that the accuracy and the efficiency of the vulnerability information cannot be effectively guaranteed when a tester submits the vulnerability information manually is solved, the vulnerability information can be submitted to the vulnerability management system efficiently and accurately, and the efficiency of product testing is improved.
Optionally, the data obtaining module 310 may be specifically configured to read each test result item included in the test result file line by line; and identifying target keywords in each test result item, and extracting vulnerability information from the test result items in which the target keywords are identified.
Optionally, the data detection module 320 may be specifically configured to extract a target project name from currently processed target vulnerability information, and perform consistency detection on the project name and a standard project name of the target test product; or extracting target vulnerability classification and target log error reporting information from the currently processed target vulnerability information, and carrying out adaptive detection on the target vulnerability classification and the target log error reporting information.
Optionally, the data detection module 320 may be specifically configured to obtain at least one necessary vulnerability description item corresponding to the vulnerability management system, and detect whether all the necessary vulnerability description items are included in the vulnerability information; or, according to the existing vulnerability information in the vulnerability management system, performing duplicate removal check on each vulnerability information.
Optionally, the apparatus for automatically submitting vulnerability information may further include a storage module, configured to, after obtaining target vulnerability information that passes detection and establishing connection with an application program interface of a database, upload each of the target vulnerability information to the database for centralized storage;
correspondingly, the test result extracting module 330 may be specifically configured to, when it is detected that the batch submission condition is satisfied, obtain each piece of target vulnerability information in batch from the database, and extract, in the test result file, associated test result fragments corresponding to each piece of target vulnerability information, respectively.
Optionally, the data submitting module 340 may be specifically configured to identify a target association test result fragment whose data volume is less than or equal to the data volume threshold of the vulnerability management system; and automatically submitting the target association test result fragments and the matched target vulnerability information to a vulnerability management system.
Optionally, the vulnerability information includes: the system comprises a target test product serial number, a test system Internet protocol address, a project name, vulnerability classification, vulnerability occurrence time, operating system information, central processing unit information and log error information.
The device for automatically submitting the vulnerability information provided by the embodiment of the invention can execute the method for automatically submitting the vulnerability information provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example four
FIG. 4 shows a schematic block diagram of an electronic device 410 that may be used to implement an embodiment of the invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 4, electronic device 410 includes at least one processor 420, and a memory communicatively coupled to at least one processor 420, such as a Read Only Memory (ROM)430, a Random Access Memory (RAM)440, etc., where the memory stores computer programs that may be executed by at least one processor, and processor 420 may perform various suitable actions and processes according to the computer programs stored in Read Only Memory (ROM)430 or loaded from storage unit 490 into Random Access Memory (RAM) 440. In the RAM440, various programs and data required for the operation of the electronic device 410 may also be stored. The processor 420, the ROM 430 and the RAM440 are connected to each other through a bus 450. An input/output (I/O) interface 460 is also connected to bus 450.
Various components in the electronic device 410 are connected to the I/O interface 460, including: an input unit 470 such as a keyboard, a mouse, etc.; an output unit 480 such as various types of displays, speakers, and the like; a storage unit 490, such as a magnetic disk, optical disk, or the like; and a communication unit 4100 such as a network card, a modem, a wireless communication transceiver, and the like. The communication unit 4100 allows the electronic device 410 to exchange information/data with other devices through a computer network such as the internet and/or various telecommunication networks.
Processor 420 may be a variety of general and/or special purpose processing components with processing and computing capabilities. Some examples of processor 420 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, or the like. The processor 420 performs the various methods and processes described above, such as the method of vulnerability information auto-submission.
The method comprises the following steps:
obtaining a test result file matched with a target test product, and obtaining at least one item of vulnerability information matched with the target test product according to the test result file;
carrying out self-consistency detection and/or normative inspection on each vulnerability information, and acquiring target vulnerability information passing detection;
respectively extracting associated test result fragments corresponding to each target vulnerability information in the test result file;
and automatically submitting each target vulnerability information and the matched associated test result fragments to a vulnerability management system.
In some embodiments, the method of vulnerability information automatic submission may be implemented as a computer program tangibly embodied in a computer-readable storage medium, such as storage unit 490. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 410 via the ROM 430 and/or the communication unit 4100. When loaded into RAM440 and executed by processor 420, the computer program may perform one or more of the steps of the above-described method of vulnerability information auto-submission. Alternatively, in other embodiments, the processor 420 may be configured by any other suitable means (e.g., by way of firmware) to perform a method of vulnerability information auto-submission.
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Computer programs for implementing the methods of the present invention can be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on a machine, as a stand-alone software package partly on a machine and partly on a remote machine or entirely on a remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user may provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present invention may be executed in parallel, sequentially, or in different orders, and are not limited herein as long as the desired results of the technical solution of the present invention can be achieved.
The above-described embodiments should not be construed as limiting the scope of the invention. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A method for automatically submitting vulnerability information is characterized by comprising the following steps:
obtaining a test result file matched with a target test product, and obtaining at least one item of vulnerability information matched with the target test product according to the test result file;
carrying out self-consistency detection and/or normative inspection on each vulnerability information, and acquiring target vulnerability information passing detection;
respectively extracting associated test result fragments corresponding to each target vulnerability information in the test result file;
and automatically submitting each target vulnerability information and the matched associated test result fragments to a vulnerability management system.
2. The method of claim 1, wherein obtaining at least one item of vulnerability information matching the target test product according to the test result file comprises:
reading each test result item included in the test result file line by line;
and identifying target keywords in each test result item, and extracting vulnerability information from the test result items with the identified target keywords.
3. The method of claim 1, wherein performing self-consistent detection on each of the vulnerability information comprises:
extracting a target project name from the currently processed target vulnerability information, and carrying out consistency detection on the project name and a standard project name of the target test product; or
Extracting target vulnerability classification and target log error information from the currently processed target vulnerability information, and carrying out adaptive detection on the target vulnerability classification and the target log error information.
4. The method of claim 1, wherein performing a normative check on each of the vulnerability information comprises:
acquiring at least one necessary vulnerability description item corresponding to the vulnerability management system, and detecting whether all the necessary vulnerability description items are included in the vulnerability information; or
And performing duplicate removal check on each vulnerability information according to the existing vulnerability information in the vulnerability management system.
5. The method according to any one of claims 1 to 4, further comprising, after obtaining the target vulnerability information passing the detection, the steps of:
after connection with an application program interface of a database is established, uploading the target vulnerability information to the database for centralized storage;
in the test result file, respectively extracting associated test result fragments respectively corresponding to each target vulnerability information, including:
and when the condition that the batch submission is met is detected, acquiring each target vulnerability information from the database in batch, and extracting the associated test result fragments corresponding to each target vulnerability information in the test result file respectively.
6. The method of claim 1, wherein automatically submitting each of the target vulnerability information and the matched associated test result pieces to a vulnerability management system comprises:
identifying target association test result fragments with data volume less than or equal to a data volume threshold of the vulnerability management system;
and automatically submitting the target association test result fragments and the matched target vulnerability information to a vulnerability management system.
7. The method of claim 1, wherein the vulnerability information comprises: the system comprises a target test product serial number, a test system Internet protocol address, a project name, vulnerability classification, vulnerability occurrence time, operating system information, central processing unit information and log error information.
8. An apparatus for automatically submitting vulnerability information, comprising:
the data acquisition module is used for acquiring a test result file matched with a target test product and acquiring at least one item of vulnerability information matched with the target test product according to the test result file;
the data detection module is used for carrying out self-consistency detection and/or normative check on the vulnerability information and acquiring target vulnerability information passing the detection;
the test result extraction module is used for respectively extracting the associated test result fragments respectively corresponding to each target vulnerability information in the test result file;
and the data submitting module is used for automatically submitting the target vulnerability information and the matched associated test result fragments to a vulnerability management system.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the method of automated vulnerability information submission of any of claims 1-7.
10. A computer-readable storage medium storing computer instructions for causing a processor to implement the method for automatic vulnerability information submission of any of claims 1-7 when executed.
CN202210347815.1A 2022-04-01 2022-04-01 Method, device, equipment and medium for automatically submitting vulnerability information Pending CN114741291A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210347815.1A CN114741291A (en) 2022-04-01 2022-04-01 Method, device, equipment and medium for automatically submitting vulnerability information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210347815.1A CN114741291A (en) 2022-04-01 2022-04-01 Method, device, equipment and medium for automatically submitting vulnerability information

Publications (1)

Publication Number Publication Date
CN114741291A true CN114741291A (en) 2022-07-12

Family

ID=82279090

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210347815.1A Pending CN114741291A (en) 2022-04-01 2022-04-01 Method, device, equipment and medium for automatically submitting vulnerability information

Country Status (1)

Country Link
CN (1) CN114741291A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115361219A (en) * 2022-08-24 2022-11-18 北京天融信网络安全技术有限公司 Log file processing method, electronic device and storage medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115361219A (en) * 2022-08-24 2022-11-18 北京天融信网络安全技术有限公司 Log file processing method, electronic device and storage medium

Similar Documents

Publication Publication Date Title
CN115509797A (en) Method, device, equipment and medium for determining fault category
CN115757150A (en) Production environment testing method, device, equipment and storage medium
CN114741291A (en) Method, device, equipment and medium for automatically submitting vulnerability information
CN110795308A (en) Server inspection method, device, equipment and storage medium
CN115437961A (en) Data processing method and device, electronic equipment and storage medium
CN115203158A (en) Data comparison method, device, equipment and storage medium
CN114722401A (en) Equipment safety testing method, device, equipment and storage medium
CN114443493A (en) Test case generation method and device, electronic equipment and storage medium
CN114116688A (en) Data processing and data quality inspection method, device and readable storage medium
CN117271373B (en) Automatic construction method and device for test cases, electronic equipment and storage medium
CN116166501B (en) Log verification method and device, electronic equipment and storage medium
CN115098405B (en) Software product evaluation method and device, electronic equipment and storage medium
CN115600819A (en) Risk assessment method and device, electronic equipment and storage medium
CN116302944A (en) Service system testing method and device, electronic equipment and storage medium
CN117648252A (en) Function test method and device for software application, electronic equipment and storage medium
CN115756575A (en) Submission record acquisition method, device, equipment and storage medium
CN117609993A (en) Index analysis method, device, equipment and storage medium
CN117743396A (en) Data quality detection method, device, equipment and storage medium
CN116225390A (en) Warehouse-in method, device, equipment and medium for software development files
CN114864030A (en) Single disease type data filling and checking method, device, equipment and medium
CN117453747A (en) Data quality detection method and device, electronic equipment and storage medium
CN116069997A (en) Metadata analysis writing method, device, electronic equipment and storage medium
CN116594827A (en) Automatic test method and device for hardware equipment, workbench, equipment and medium
CN116340098A (en) Server detection method, device, equipment and medium
CN115599681A (en) Interface test method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination