Unlock instant, AI-driven research and patent intelligence for your innovation.

Third-party component vulnerability scanning method and device

A vulnerability scanning and component technology, applied in the computer field, can solve the problems of long investigation time, low efficiency, and easy omissions in the vulnerability query process, and achieve the effect of short scanning time, high efficiency, and not easy to omit

Pending Publication Date: 2020-09-18
BANK OF CHINA
View PDF7 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, while the third-party components improve development efficiency, they also bring greater security risks, because the third-party components themselves may have security vulnerabilities. A vulnerability scanning method for third-party components is very necessary
[0003] In the prior art, the manual inspection method is generally used for the vulnerabilities of third-party components. However, in the case of many projects, the manual inspection method has at least the following problems: the inspection time is long, the efficiency is low, and the It is easy to miss in the process of vulnerability inquiry

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Third-party component vulnerability scanning method and device
  • Third-party component vulnerability scanning method and device
  • Third-party component vulnerability scanning method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention more clear, the embodiments of the present invention will be further described in detail below in conjunction with the accompanying drawings. Here, the exemplary embodiments and descriptions of the present invention are used to explain the present invention, but not to limit the present invention.

[0039] In the description of this specification, the words "comprising", "comprising", "having", "containing" and so on are all open terms, meaning including but not limited to. A description referring to the terms "one embodiment," "a particular embodiment," "some embodiments," "for example," etc., means that a particular feature, structure, or characteristic described in connection with the embodiment or example is included in at least one of the present application. Examples or examples. In this specification, schematic representations of the above terms do not ne...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a third-party component vulnerability scanning method and device. The method comprises the steps of: packaging a vulnerability scanning tool into a mirror image of a container;and based on the mirror image, creating a new container by utilizing a scheduling tool; obtaining the source code of a target system from a source code server by utilizing the new container; performing construction processing on the source code to obtain used third-party component information; and querying vulnerabilities of a third-party component in a preset vulnerability library based on the vulnerability scanning tool configuration file and the third-party component information. According to the method, the vulnerability of the third-party component used by the target system can be automatically scanned, the troubleshooting time is short, the efficiency is high, and omission is not likely to occur in the vulnerability scanning process.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a third-party component vulnerability scanning method and device. Background technique [0002] With the continuous development of computer-related businesses, in order to meet business needs and improve development efficiency, many projects have introduced third-party components. However, while the third-party components improve development efficiency, they also bring greater security risks, because the third-party components themselves may have security vulnerabilities. A vulnerability scanning method for third-party components is very necessary. [0003] In the prior art, the manual inspection method is generally used for the vulnerabilities of third-party components. However, in the case of many projects, the manual inspection method has at least the following problems: the inspection time is long, the efficiency is low, and the It is easy to miss in the process of vulner...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/033
Inventor 高倩田济榕韩琪张博尹充
Owner BANK OF CHINA