Method for reducing false alarm of vulnerability scanning

A vulnerability scanning and vulnerability technology, applied in instrument, platform integrity maintenance, electrical digital data processing, etc., can solve the problems of unable to complete the update immediately, unable to directly share false positive information, and increase the workload of technical team, etc. The effect of reducing follow-up workload, reducing repetitive work, and improving accuracy
CN110753047AActive Publication Date: 2020-02-04HANGZHOU ANHENG INFORMATION TECH CO LTD
10 Cites 2 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
HANGZHOU ANHENG INFORMATION TECH CO LTD
Publication Date
2020-02-04

Smart Images

  • Figure 1
    Figure 1
Patent Text Reader

Abstract

The invention relates to a method for reducing the false alarm of vulnerability scanning. The method comprises the following steps of: obtaining false alarm information and corresponding data by scanning a system terminal, submitting the false alarm information and the corresponding data to a shared server for manual auditing and affirmation, adjusting technical parameters, providing and synchronizing a correction scheme, and finally processing or repairing by the terminal based on the correction scheme. According to the invention, vulnerability types with high false alarm rate can be marked in a unified manner; determining a false alarm point, refining the collected false alarm items, then performing content analysis processing and refining in a unified manner, performing professional analysis on the collected false alarm content by a technician, performing misjudgment and corresponding correction, and performing correction processing on a database and a vulnerability library; data centralized processing and updating optimization processing are adopted to solve false alarm, the detection efficiency is improved, effective false alarm related data can be collected, the subsequent workload is reduced, qualitative improvement is brought to vulnerability scanning accuracy, the false alarm rate is reduced, and repeated work is greatly reduced.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the transmission of digital information, such as the technical field of telegram communication, and in particular to a method for reducing false positives in vulnerability scanning. Background technique

[0002] Due to the uneven level and experience of developers, a considerable number of developers did not make necessary legal judgments on the user's input data or information carried in the page, such as cookies, when writing code, which led to the Vulnerabilities can be used to invade databases or attack users of web applications, thereby obtaining some important data and benefits.

[0003] With the increase of the number of websites, there are more and more tasks to detect webpage vulnerabilities. In the process of vulnerability scanning, there are inevitably false positives. Trouble; in the existing technology, it is generally processed directly through manual methods, deleting false positive content, or avoiding the know...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More