Cyber Security and Data Governance (网络安全与数据治理), 2026, Vol. 45, Issue (3): 17-23, 7. DOI: 10.19358/j.issn.2097-1788.2026.03.003
Research on network security risk governance oriented to attack surface convergence
沈萍1
Author information
- 1. Financial and Asset Management Affairs Center, Shanghai Municipal Education Commission, Shanghai 200003
Abstract
In view of the dynamic changes of the organization's network attack surface and the fact that the defender's perspective can't effectively identify the hacker's attack means, based on the multidimensional attacker's perspective, an attack surface convergence management system with the process of "asset management, attack surface identification and risk value calculation, attack surface repair and closed-loop verification, network traffic collection and real-time monitoring and analysis" is constructed to effectively realize the "safe left shift". The known assets and shadow assets are included in the scope of custody, and the risk quantification and classification and closed-loop verification of security vulnerabilities are integrated. Continuous monitoring is enabled to detect asset changes in real time and take measures. The practice results show that after introducing the collaborative analysis of network traffic and threat intelligence, the number of security incidents hit by threat intelligence has gradually decreased; the non-essential exposure surfaces of websites and ports have been effectively monitored and responded to, and the average exposure time has been significantly shortened from several days to less than one hour. The attack surface management technology effectively alleviates the asymmetry of attack and defense, and improves the overall visibility and risk control efficiency of the organization in the network attack surface.
Key words
attack surface convergence/asset management/calculation of risk value/closed-loop verification
Classification
Information technology and security science
Cite this article
沈萍. Research on network security risk governance oriented to attack surface convergence [J]. Cyber Security and Data Governance, 2026, 45(3): 17-23, 7.