A closed-loop network security monitoring method and system for security threat events

Abstract

The invention relates to a closed-loop network security supervision method and system for security threat events. When a security detection module finds a security threat event and needs to be notified, it sets the corresponding status label code and records it, generates alarm information and sends it to the alarm contact, and the alarm contact The person disposes, submits, and modifies the event status label code to be reviewed, and the network security regulatory agency will review and confirm whether the disposal is effective. If not, continue to notify the rectification, and track the incidents that are handled using network access control. Other effective disposals will complete the process. Combining with the particularity of network security, the present invention constructs a closed-loop of discovery, notification, disposal, and tracking management of security threat events, and continuously tracks security threat events to ensure closed-loop processing and correct repair of events. The process data can be quantified and assessed, and the lower-level supervision can be effectively quantified The current situation and handling of security threat incidents of institutions, increase the means of network security supervision, and continuously improve the efficiency of network security supervision and the security level of the jurisdiction.

Description

technical field [0001] The present invention relates to the transmission of digital information, such as the technical field of telegram communication, and in particular to a closed-loop network security supervision method and system for security threat events. Background technique [0002] The application of information technology has profoundly affected and changed people's production methods and lifestyles, promoted the progress and development of all aspects of society, and played an important role in promoting and supporting various fields of the national economy. With the continuous improvement of the level of information application and the continuous expansion of the scope, the problem of network information security has become increasingly prominent, seriously affecting national security, social stability, and economic order. The national level has also paid more and more attention to this issue, and has issued a series of policies in recent years, requiring various...

AI Technical Summary

Problems solved by technology

[0005] In order to solve the problems in the prior art, the means of network security supervision is single, and it is impossible to accurately monitor the handling of network security threat events and the regional network security handling capabilities, and it is impossible to grasp the comprehensive level of regional network security capabilities. The present invention provides an optimized The closed-loop network security supervision method and system for security threat incidents, through the organic integration of security detection capabilities, regional network security personnel, and regional information systems, continuously discovers security threats, assists and urges regions to rectify threats, thereby improving regional information System security level and the security level of network security personnel in the region, thereby greatly improving the level of regional network security

Images