Vulnerability management system based on correlation analysis of multi-engine vulnerability scanning

Abstract

The present invention proposes a vulnerability management system based on multi-engine vulnerability scanning correlation analysis, including: an asset detection management module, which detects and scans asset information in the network; Vulnerability scanning and analysis of services and databases, supporting intelligent service identification; Web vulnerability scanning module automatically parses and scans data according to asset information, verifies discovered WEB vulnerabilities, and records test data packets found by scanning vulnerabilities; database security scanning module ;Security baseline verification module; industrial control vulnerability scanning module; APP vulnerability scanning module; WIFI security detection module; report correlation analysis module; network-wide distributed management module. The invention can correlate the inspection results with the compliance library of the information security level protection, generate a level protection evaluation report meeting the specification requirements, and fully meet the security requirements of different customers.

Description

technical field [0001] The invention relates to the technical field of vulnerability scanning, in particular to a vulnerability management system based on correlation analysis of multi-engine vulnerability scanning. Background technique [0002] (1) The emergence of loopholes [0003] Vulnerabilities are primarily the result of errors in design and implementation that compromise information integrity, availability, and confidentiality. Vulnerabilities are often in software, but also at various information system layers, from protocol specifications to design to physical hardware. Vulnerabilities can also be intentional by malicious users or automated malicious code. A single breach in a critical system or network can seriously compromise an organization's security posture. [0004] The term "vulnerability" is defined as vulnerability or "exploitation of weaknesses in information security system design, procedures, implementation, or internal controls to gain unauthorized ...

AI Technical Summary

Problems solved by technology

[0005] (2) The impact of the vulnerability

Different types of software and hardware devices, different versions of the same device, different systems composed of different devices, and the same system under different setting conditions will have different security vulnerabilities.

[0007] (3) Harm of loopholes

[0010] Moreover, whether the information system configuration operation is safe is also an important aspect of security risks. Security configuration errors are generally caused by personnel operating errors

Although there are configuration checklists, industry norms, and programmatic requirements for graded protection that provide operation and maintenance personnel with a basis for checking security configurations, how to quickly and effectively check the various types and quantities of devices and software in the network Security configuration, identifying items that do not comply with security specifications, so as to meet the requirements of rectification and compliance, this is also a difficult problem for operation and maintenance personnel

Images