Vulnerability management system based on multi-engine vulnerability scanning association analysis

Abstract

The invention provides a vulnerability management system based on multi-engine vulnerability scanning association analysis. The vulnerability management system comprises: an asset detection managementmodule used for detecting asset information in a scanning network; a system vulnerability scanning module used for performing vulnerability scanning and analysis on a network device, an operating system, application service and a database according to the asset information, and supporting intelligent service identification; a Web vulnerability scanning module used for automatically parsing data according to the asset information, scanning the data, verifying a discovered WEB vulnerability, and recording a test data packet discovered by vulnerability scanning; a database security scanning module; a security baseline verification module; an industrial control vulnerability scanning module; an APP vulnerability scanning module; a WIFI security detection module; a report association analysismodule; and a whole-network distributed management module. The vulnerability management system provided by the invention can perform association analysis on a detection result and a compliance libraryof information security level protection to generate a level protection evaluation report that meets the specification requirements, and the security requirements of different customers are comprehensively met.

Description

technical field [0001] The invention relates to the technical field of vulnerability scanning, in particular to a vulnerability management system based on correlation analysis of multi-engine vulnerability scanning. Background technique [0002] (1) The emergence of loopholes [0003] Vulnerabilities are primarily the result of errors in design and implementation that compromise information integrity, availability, and confidentiality. Vulnerabilities are often in software, but also at various information system layers, from protocol specifications to design to physical hardware. Vulnerabilities can also be intentional by malicious users or automated malicious code. A single breach in a critical system or network can seriously compromise an organization's security posture. [0004] The term "vulnerability" is defined as vulnerability or "exploitation of weaknesses in information security system design, procedures, implementation, or internal controls to gain unauthorized ...

AI Technical Summary

Problems solved by technology

[0005] (2) The impact of the vulnerability

Different types of software and hardware devices, different versions of the same device, different systems composed of different devices, and the same system under different setting conditions will have different security vulnerabilities.

[0007] (3) Harm of loopholes

[0010] Moreover, whether the information system configuration operation is safe is also an important aspect of security risks. Security configuration errors are generally caused by personnel operating errors

Although there are configuration checklists, industry norms, and programmatic requirements for graded protection that provide operation and maintenance personnel with a basis for checking security configurations, how to quickly and effectively check the various types and quantities of devices and software in the network Security configuration, identifying items that do not comply with security specifications, so as to meet the requirements of rectification and compliance, this is also a difficult problem for operation and maintenance personnel

Images