Application security detection task automatic arrangement method based on vulnerability fingerprint identification

Abstract

The invention discloses an application security detection task automatic arrangement method based on vulnerability fingerprint identification. An application vulnerability fingerprint knowledge base, three working modules and a set of tool chains are mainly included. The application vulnerability fingerprint knowledge base is used for summarizing, analyzing and discovering application vulnerability fingerprints and marking and detecting application vulnerabilities; the three working modules comprise: an application vulnerability fingerprint identification module, which is used for matching with a vulnerability fingerprint knowledge base to complete vulnerability recognition; and an application detection task arrangement module, wherein different vulnerability data sets and a security detection technology can be integrated together to complete task arrangement and configuration. According to the method, through vulnerability fingerprint identification, the problem that manual judgment detection time of an application security detection task is lagged is solved, automatic execution operation is provided, the manual workload is reduced, the detection efficiency is improved, personnel shortage in the application security response process is solved, the alarm classification quality and speed are improved, the response time is shortened, and the working pressure of security personnel is reduced.

Description

technical field [0001] The invention belongs to the technical field of application development, and in particular relates to a method for automatically arranging application security detection tasks based on vulnerability fingerprint identification. Background technique [0002] Application development security detection relies on building a security tool chain, integrating white-box source code security audit system, black-box application security detection system, and gray-box interactive testing system, and combining manual deep penetration test reports with system detection information to conduct horizontal To ensure the validity and accuracy of the test results. And through programming regulations and training developers, ensure that the code is written with good security habits to reduce security problems. [0003] White box audit tool. The project code is packaged in zip, rar and other compressed packages, uploaded and scanned locally, and the development integratio...

AI Technical Summary

Problems solved by technology

[0007] Common application security inspections use these tools to conduct manual inspections. The implementation link and frequency, detection range and depth rely on manual analysis and judgment. In order to reduce the workload, the scope and depth are reduced, such as only incremental detection; there are detection time and timing. According to people's working hours, they will test when they are free, and they will not test when they are busy with development; there are also some disadvantages as follows

[0008] (1) The use of discrete open source tools for detection data cannot be interconnected, and process control cannot be performed to form a closed security loop; many safety standards are cited without a system, too many references are overwhelming, and too few references are worried about failing; non-localized independent intellectual property testing tools, no security

[0009] (2) The overall security management and control process of application development is complex, lack of process automation platform support and incompatibility with existing processes, making it difficult to effectively control;

[0010] (3) Enterprises lack the knowledge base required for security management and control, such as: security threat database, security requirements database, security design database, security component database, security use case database, and security hardening knowledge base. Efficiency and practicality become obstacles ;

[0011] (4) Enterprises lack professional security development and control professionals, unable to communicate effectively with business personnel, developers, operation and maintenance personnel, and management, and cannot form an internal collaboration model;

[0012] (5) The enterprise lacks the ability to evaluate and audit security activities, which leads to the inability to determine the implementation effect and make effective improvements for the security activities carried out, and eventually evolve into a formality

Images