Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for determining script for processing security event and storage medium

A technology for security events and scripts, applied in the field of Internet security, can solve problems such as low efficiency in determining scripts, and achieve the effect of improving efficiency

Active Publication Date: 2021-02-26
HUAWEI TECH CO LTD
View PDF5 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In the above method, if there is no bound script for the type of security event received, the security event still needs to be programmed manually, which leads to the efficiency of determining the script too low

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for determining script for processing security event and storage medium
  • Method and device for determining script for processing security event and storage medium
  • Method and device for determining script for processing security event and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] In order to make the purpose, technical solution and advantages of the present application clearer, the implementation manners of the present application will be further described in detail below in conjunction with the accompanying drawings.

[0051] Before explaining the embodiment of the present application, the application scenario of the embodiment of the present application is explained first.

[0052] At present, there are many types of security incidents that threaten network security, and the closed loop of security incidents requires manual participation. Closing the loop refers to blocking security events. In the live network, most customers are worried that wrong blocking policies will be issued due to misreported security events, which will affect the business. Therefore, the operation and maintenance personnel will first analyze the logs, processes and other files on the host to confirm that the security events are threatening, and then Clear files on the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for determining a script for processing a security event and a storage medium, and belongs to the technical field of internet security. The method comprisesthe following steps: searching a script bound with the type of a to-be-processed security event; and if the type of the security event is not found, determining a case matched with the type of the security event from a case database, and determining a script used for processing the security event from one or more scripts included in the case matched with the type of the security event. Accordingto the invention, since each case in the case database is used for indicating the script executed for the historical security events belonging to the same type and the processing result after the script is executed, for the current security event to be processed, even if the script bound with the type is not found, the script for processing the security event can still be determined through the case database; compared with the mode that the script for the security event needs to be arranged manually, the method provided by the invention can obviously improve the script obtaining efficiency.

Description

technical field [0001] The present application relates to the technical field of Internet security, in particular to a method, device and storage medium for determining a script for handling security events. Background technique [0002] With the development of Internet security technologies, security orchestration, automation, and response (SOAR) systems are more and more widely used to handle security incidents. After the security event is input into the SOAR system, the SOAR system analyzes the security event and determines a playbook. The playbook includes a series of blocking strategies. When the SOAR system executes the script, it can control multiple network security devices connected to the SOAR system to execute this series of blocking strategies, so as to realize the processing of the security event. [0003] Currently, for different types of security events, scripts for each type of security event are manually compiled to obtain the corresponding relationship be...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1425H04L63/1441H04L63/20
Inventor 邢超
Owner HUAWEI TECH CO LTD