Asset vulnerability static analysis method and device based on endogenous security

Asset vulnerability static analysis method and device based on endogenous security

The invention discloses an endophytic security-based asset vulnerability static analysis method and device, relates to the technical field of security detection, and aims to optimize detection and analysis of asset vulnerabilities. According to the main technical scheme, the method comprises the ste...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: WANG RUI, LI LUOGANG
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention discloses an endophytic security-based asset vulnerability static analysis method and device, relates to the technical field of security detection, and aims to optimize detection and analysis of asset vulnerabilities. According to the main technical scheme, the method comprises the steps of obtaining asset information corresponding to assets to be analyzed; the asset information is matched with asset identification rules contained in a general platform enumeration CPE, a target vulnerability identifier corresponding to the asset information is searched, and each asset identification rule in the general platform enumeration CPE corresponds to one vulnerability identifier; vulnerability information corresponding to the target vulnerability identifier is obtained from a target vulnerability knowledge base, the target vulnerability knowledge base is obtained by fusing multiple different types of vulnerability knowledge bases, and the vulnerability information corresponding to each vulnerability iden