华中科技大学学报(自然科学版)2016,Vol.44Issue(11):7-10,4.DOI:10.13245/j.hust.161102
Vul Tracker漏洞管理与自动化跟踪平台
Vul Tracker platform for vulnerability management and automatic tracking
摘要
Abstract
Restricted by the scanning engines ,existing vulnerability management systems suffer limi‐tations in extensibility and performance .A platform for automated vulnerability tracking was pro‐posed ,which allowed unified management of vulnerabilities from all sources .Every vulnerability was associated with a script for fix verification ,and the multi‐process task scheduler performed frequent retests in parallel ,whose performance could be further improved with a distributed deployment .As exit code was used to indicate the test results ,vulnerability test scripts could be written in any execut‐able programming language ,and could be shared by similar vulnerabilities .Open data interfaces were developed to allow integration of this platform with other IT asset and workflow management sys‐tems .There are already two successful deployments of this platform ,and the result shows that it can effectively speed up the process of vulnerability remediation .关键词
信息安全/网络安全/漏洞/扫描/Vul TrackerKey words
information security/network security/vulnerability/scanning/Vul Tracker分类
信息技术与安全科学引用本文复制引用
章思宇,姜开达..Vul Tracker漏洞管理与自动化跟踪平台[J].华中科技大学学报(自然科学版),2016,44(11):7-10,4.基金项目
国家自然科学基金资助项目(61371084). ()
