Application security auditing method and device, electronic equipment and storage medium

An application security and memory technology, applied in computer security devices, computing, electrical digital data processing, etc., can solve problems such as detection and scanning of unfavorable characteristic systems, system false positives, etc., to improve efficiency, reduce time and a large number of false positives.

Inactive Publication Date: 2020-04-07
北京国舜科技股份有限公司
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, many of the existing code security audit systems have a large number of system false positives, and their built-in rules are not conducive to the detection and scanning of the company's own characteristic systems.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application security auditing method and device, electronic equipment and storage medium
  • Application security auditing method and device, electronic equipment and storage medium
  • Application security auditing method and device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] The specific embodiments of the present invention will be further described below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.

[0057] figure 1 It shows a schematic flowchart of an application security audit method provided in this embodiment, as shown in figure 1 As shown, the application security audit method may include the following steps:

[0058] S110. Scan the application code to obtain a first code scanning result.

[0059] Specifically, the application code may refer to the source code of each application. Moreover, when scanning the application code, a scanning task may be established first, and then the scanning task is executed. For example, for Java application codes, there are many options for establishing scanning entry paths. The common method is to directly execute the web...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses an application security auditing method and device, electronic equipment and a storage medium, and the method comprises the steps: scanning an application code, and obtaining a first code scanning result; configuring an auxiliary auditing rule for code auditing; screening the first code scanning result according to the auxiliary auditing rule to obtain a second code scanning result for manual auditing; and when a code auditing result for the second code scanning result is received, outputting the code auditing result. Therefore, the auxiliary auditingof the manual auditing is realized, the manual auditing time and a large amount of false alarms are reduced, and the application security auditing efficiency is improved.

Description

technical field [0001] The invention relates to the technical field of computer security, in particular to an application security audit method, device, electronic equipment and storage medium. Background technique [0002] Code audit is an advanced penetration testing service, which is a source code analysis method to discover program errors, security holes and violations of program coding standards. At present, manual source code audit has become the bottom-level best guarantee to truly guarantee the design, development and application of software source code. However, many of the existing code security audit systems have a large number of system false positives, and their built-in rules are not conducive to the detection and scanning of the company's own characteristic systems. Contents of the invention [0003] Due to the above-mentioned problems in the existing methods, the embodiment of the present invention proposes an application security audit method, device, ele...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/563
Inventor 姜强顿壮壮周学龙孟庆飞李晨曦武锦程王志伟
Owner 北京国舜科技股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap