Evaluation method for WEB application

An application system and user technology, applied in the field of information security, can solve problems such as inapplicable IT application system evaluation, and achieve the effect of flexible penetration testing, low false positive and false negative rates, and accurate scanning results

Inactive Publication Date: 2009-07-15
BEIJING SECDOMAIN
View PDF0 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0018] The present invention aims to provide a WEB application evaluation method, which can solve the problem that none of the evaluation methods in the prior art is applicable to the evaluation of IT application systems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Evaluation method for WEB application
  • Evaluation method for WEB application
  • Evaluation method for WEB application

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The present invention will be described in detail below with reference to the accompanying drawings and in combination with embodiments.

[0043] figure 2 A flow chart showing a method for evaluating a WEB application according to an embodiment of the present invention includes the following steps:

[0044] Step S10, scanning the WEB application system to obtain the weaknesses of the WEB application system;

[0045] Step S20, through the backstage of the WEB application system through the weakness;

[0046] Step S30, comprehensively scan and audit the results to infiltrate the WEB application system

[0047] Penetration testing to assess the security status of WEB application systems.

[0048] The WEB application evaluation method obtains evidence by first scanning the WEB application system and analyzing weaknesses, and then performs database security baseline audit and penetration testing on the obtained evidence to obtain a security performance evaluation. In th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a method for evaluating WEB application, wherein the method comprises the following steps: scanning a WEB application system for obtaining the weakness of WEB application system; executing safety base line auditing to the background database of WEB application system through the weakness; and executing penetration testing to the WEB application system through synthesizing the scanning result and auditing result for evaluating the safety existing state of WEB application system. The WEB application evaluating method of the invention realizes the technical effects of accurate scanning, strong auditing function and flexible permeation testing.

Description

technical field [0001] The present invention relates to the field of information security, in particular to a method for evaluating WEB applications. Background technique [0002] With the development of the Internet today, application systems based on WEB and database architectures have gradually become the mainstream and are widely used in internal and external business systems of enterprises. At present, the common attacks on the network have gradually evolved from traditional system vulnerability attacks to attacks on the application's own weaknesses. The most common attack techniques are SQL injection and phishing attacks against WEB applications. [0003] figure 1 An IT system architecture diagram is shown. Data is the core value of the entire IT system, and the application system is the most direct and cutting-edge representation and interaction platform for data. The collection, acquisition, update and processing of data are basically realized in the application s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/00G06F21/00H04L29/06
Inventor 钟仲刚
Owner BEIJING SECDOMAIN
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap