Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A Method to Reduce False Positives in Vulnerability Scanning

A vulnerability scanning and vulnerability technology, applied in digital transmission systems, instruments, computing, etc., can solve problems such as the inability to complete the update in the first time, the inability to directly share false positive information, and increase the workload of the technical team, so as to reduce the follow-up workload. , The effect of reducing repetitive work and improving accuracy

Active Publication Date: 2022-02-11
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF10 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention solves the problem that in the prior art, it is necessary to rely on manual review to check the false positives one by one, and the probability of later occurrence cannot be ruled out. Relying on simple false negatives to submit is prone to more delays, which increases the workload of the technical team and generates a large number of Repetitive work, in the case of network isolation, false positive information cannot be directly shared, and the update cannot be completed in the first time, providing an optimized method to reduce false positives in vulnerability scanning

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Method to Reduce False Positives in Vulnerability Scanning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The present invention will be described in further detail below in conjunction with the examples, but the protection scope of the present invention is not limited thereto.

[0031] The invention relates to a method for reducing false alarms in vulnerability scanning. By synchronizing data for network sharing, the relevant information of false alarms is obtained through the scanning system, the data is collected by a data collector, and the actual verification is carried out by professionals. Confirmed as For false positives, adjust the technical parameters, give a correction plan and synchronize it to the shared server, otherwise, it will be dealt with according to the vulnerability repair suggestion.

[0032] The method includes the following steps.

[0033] Step 1: Scan the system terminal; get false positive information.

[0034] Described step 1 comprises the following steps:

[0035] Step 1.1: Use the scanner to scan the vulnerability scanning environment for vul...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a method for reducing false alarms in vulnerability scanning. By scanning the system terminal, false alarm information and corresponding data are obtained, submitted to a shared server for manual review and identification, technical parameter adjustments, and synchronous correction schemes are provided. Finally, the terminal is based on Amendments are processed or repaired. The present invention can uniformly mark some types of vulnerabilities with a high false positive rate, clarify false positive points, refine the collected false positive entries, and then perform content analysis and refinement in a unified manner. The content of the report is professionally analyzed, whether it is misjudged and the corresponding correction is made, and the database and the vulnerability database are corrected; the present invention uses centralized data processing and update optimization processing to solve false positives, which not only improves the detection efficiency, but also collects effective Misreporting relevant data reduces follow-up workload, improves the accuracy of vulnerability scanning, reduces false positive rate, and greatly reduces duplication of work.

Description

technical field [0001] The invention relates to the transmission of digital information, such as the technical field of telegram communication, and in particular to a method for reducing false positives in vulnerability scanning. Background technique [0002] Due to the uneven level and experience of developers, a considerable number of developers did not make necessary legal judgments on the user's input data or information carried in the page, such as cookies, when writing code, which led to the Vulnerabilities can be used to invade databases or attack users of web applications, thereby obtaining some important data and benefits. [0003] With the increase of the number of websites, there are more and more tasks to detect webpage vulnerabilities. In the process of vulnerability scanning, there are inevitably false positives. Trouble; in the existing technology, it is generally processed directly through manual methods, deleting false positive content, or avoiding the know...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40H04L67/1095H04L67/55G06F21/57
CPCH04L63/1433H04L67/1095G06F21/577H04L67/55
Inventor 曾建东范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products