Safety alarm event processing method and device, equipment and storage medium

A security alarm event processing technology, applied in computer security devices, electronic digital data processing, hardware monitoring, etc. It addresses the problems that key security alarms are flooded out, which affects the healthy development of enterprises and can affect national cyberspace sovereignty, security and development interests. It achieves scientific network security defense, maximizes cost-effectiveness, and reduces serious impact.

Pending Publication Date: 2021-12-10
EVERSEC BEIJING TECH

AI Technical Summary

Problems solved by technology

In the face of increasingly complex attacks, network security issues are becoming increasingly prominent, and the traditional mode of relying on limited human input and stacking dozens of monitoring and protection tools cannot meet current needs.
[0003] In the course of the invention, the inventor found the following defect in the existing technology: with tens of thousands of assets that need to be protected, many key security alarms may be overwhelmed, and the best time for protection is very likely to be missed. The consequences can be severe: core data may be modified and leaked, and the production system may be interrupted, which will affect the healthy development of the enterprise and even national cyberspace sovereignty, security and development interests.


Examples


Embodiment 1

[0025] Figure 1a is a flowchart of a method for processing a security alarm event provided by Embodiment 1 of the present invention. This embodiment is applicable to the situation where multiple hardware assets raise alarms at the same time and the defense order of the alarming hardware assets must be determined. The method of this embodiment may be executed by a device for processing security alarm events, which may be implemented in software and/or hardware and may be configured in a computer device such as a server or a terminal device.

[0026] Correspondingly, the method specifically includes the following steps:

[0027] S110. Obtain multiple security alarm events generated within a set time period, and identify target alarm hardware corresponding to each security alarm event.

[0028] The security alarm event can be a threat in a server or cloud product detected by the cloud security center. These threats can be an a...

Embodiment 2

[0108] Figure 2 is a schematic structural diagram of a security alarm event processing device provided in Embodiment 2 of the present invention. The security alarm event processing device provided in this embodiment can be implemented by software and/or hardware, and can be configured in a server or a terminal device to implement the method for processing a security alarm event in an embodiment of the present invention. As shown in Figure 2, the device may specifically include: a security alarm event acquisition module 210, a target asset importance index acquisition module 220, a target hazard importance index acquisition module 230 and a processing sequence determination module 240.

[0109] Wherein, the security alarm event acquisition module 210 is used to acquire multiple security alarm events generated within the set duration, and identify target alarm hardware corresponding to each security alarm event;

[0110] The target asset importance index acquisi...

Embodiment 3

[0135] Figure 3 is a structural diagram of a computer device provided in Embodiment 3 of the present invention. As shown in Figure 3, the device includes a processor 310, a memory 320, an input device 330, and an output device 340. The number of processors 310 in the device can be one or more; Figure 3 takes one processor 310 as an example. The processor 310, memory 320, input device 330 and output device 340 in the device can be connected by a bus or by other means; Figure 3 takes connection via a bus as an example.

[0136] The memory 320, as a computer-readable storage medium, can be used to store software programs, computer-executable programs and modules, such as program instructions / modules corresponding to the security alarm event processing method in the embodiment of the present invention (for example, security alarm event acquisition module 210, target asset importance index acquisition module 220, target hazard importance index acquisition module 230 and processin...


Abstract

The embodiment of the invention discloses a safety alarm event processing method and device, equipment and a storage medium. The method comprises the following steps: collecting a plurality of safety alarm events generated within a set duration, and recognizing target alarm hardware corresponding to each safety alarm event; obtaining a target asset type corresponding to each target alarm hardware, and querying a mapping relationship between the asset type and an asset importance index to obtain a target asset importance index; obtaining a target hazard level corresponding to each safety alarm event, and querying a mapping relationship between the hazard level and a hazard importance index to obtain a target hazard importance index; and, according to each target asset importance index and each target hazard importance index, determining a processing sequence of the safety alarm events and processing them. According to the embodiment of the invention, the problem of effective protection of tens of thousands of information technology assets is solved, the safety event handling efficiency is improved, and the cost benefit of safety reinforcement is maximized.
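The steps in the abstract, as an added example that is not taken from the patent or from the applicant: events in a time window are mapped to their alarming hardware, the two importance indexes are looked up, and the events are ordered. The table values, host names, sample events, the default index for unknown hardware and the rule of multiplying the two indexes are all assumptions, since the page does not state how the indexes are combined.

```python
from datetime import datetime, timedelta

# Constructed mapping tables; the page says such mappings exist but not their values.
ASSET_IMPORTANCE = {"database": 5, "web_server": 4, "workstation": 2}
HAZARD_IMPORTANCE = {"critical": 4, "high": 3, "medium": 2, "low": 1}
DEFAULT_ASSET_INDEX = 3  # assumption: hardware missing from inventory is not ranked last

# Constructed inventory: hardware identifier -> asset type.
INVENTORY = {"db-01": "database", "web-07": "web_server", "pc-113": "workstation"}

# Constructed alarm events: (timestamp, hardware, hazard level, description).
EVENTS = [
    ("2021-06-01T10:00:05", "pc-113", "critical", "ransomware behaviour"),
    ("2021-06-01T10:01:10", "db-01", "medium", "abnormal login"),
    ("2021-06-01T10:02:30", "web-07", "high", "webshell detected"),
    ("2021-06-01T10:03:00", "db-01", "high", "bulk data export"),
    ("2021-06-01T10:04:00", "cam-9", "low", "port scan"),
    ("2021-06-01T09:40:00", "web-07", "critical", "outside the window"),
]

def prioritise(events, window_end, window=timedelta(minutes=10)):
    """Return the in-window events ordered for handling, highest priority first."""
    end = datetime.fromisoformat(window_end)
    ranked = []
    for ts, hardware, level, desc in events:
        when = datetime.fromisoformat(ts)
        if not (end - window <= when <= end):
            continue  # only events generated within the set duration
        asset_type = INVENTORY.get(hardware)  # identify the target alarm hardware
        asset_idx = ASSET_IMPORTANCE.get(asset_type, DEFAULT_ASSET_INDEX)
        hazard_idx = HAZARD_IMPORTANCE[level]  # unknown levels raise KeyError on purpose
        score = asset_idx * hazard_idx  # assumed combination rule
        ranked.append({"hardware": hardware, "level": level, "score": score,
                       "time": when, "desc": desc})
    # Highest score first; ties go to the higher hazard index, then the older event.
    ranked.sort(key=lambda e: (-e["score"], -HAZARD_IMPORTANCE[e["level"]], e["time"]))
    return ranked

if __name__ == "__main__":
    for e in prioritise(EVENTS, "2021-06-01T10:05:00"):
        print(e["score"], e["hardware"], e["level"], e["desc"])
```

With these constructed values, a medium-level alarm on the database host is handled before a critical alarm on a workstation, which is the effect of weighting by asset importance rather than by hazard level alone.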

Description

Technical field

[0001] Embodiments of the present invention relate to computer data processing technology, and in particular to a processing method, device, equipment and storage medium of a security alarm event.

Background technique

[0002] With the accelerated evolution of the digital transformation trend, the number of enterprises migrating to the cloud has surged, and information technology (Information Technology, IT) assets are increasing, and the resulting vulnerabilities are also increasing day by day. In the face of increasingly complex attacks, network security issues are becoming increasingly prominent, and the traditional mode of relying on limited human input and stacking dozens of monitoring and protection tools cannot meet current needs.

[0003] During the process of invention, the inventor found that the defect of the existing technology is: in the face of tens of thousands of assets that need to be protected, many key security alarms may be overwhelmed, an...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F11/30, G06F21/55, G06F21/57
CPC: G06F11/3006, G06F11/3058, G06F21/554, G06F21/577
Inventor 张羽尚程王方圆姜福利李忠傅强蔡琳梁彧田野王杰杨满智金红陈晓光
Owner EVERSEC BEIJING TECH