Research And Implementation Of Vulnerability Aggregation And Management Tools Based On Web

Posted on: 2017-05-07
Degree: Master
Type: Thesis
Country: China
Candidate: C Mu
GTID: 2308330485979518
Subject: Computer technology
Abstract/Summary:
In recent years security incidents have continued to occur and the threat level has kept rising, from small-scale hazards to personal privacy up to national-level conflicts between governments in cyberspace; security incidents are in fact intensifying. For this reason, more and more attention should be paid to the network security of individuals and governments. The root of network security problems is the presence of vulnerabilities that can be exploited, so vulnerability management and analysis are very important for network managers.

Currently there are many kinds of vulnerability scanning tools on the market, but they are poorly compatible with one another, and a single vulnerability scanner typically has relatively high rates of misreports and false positives. These tools usually only detect vulnerabilities and offer simple fixes; they have no real vulnerability analysis and management functions. The common practice is still to scan with a tool, read its report, and consolidate and fix the findings manually. The whole process, from discovering a vulnerability to repairing it, is inefficient and wastes a great deal of effort.

This thesis describes the research and development of a Web-based vulnerability management tool that integrates the software vulnerability scanning tools commonly used on the current market. The XML files exported by the scanning tools serve as the data source: they are uploaded to the vulnerability management tool, which parses them with Java SAX and stores the parsed vulnerability information in the database. The XML document structure of each tool's results was analysed, and a vulnerability merging algorithm was then written.

The algorithm compares the category of the scanning tool (static or dynamic), the vulnerability type, the path on which the vulnerability arises, the vulnerability parameters, the vulnerability CWE ID and other factors to determine whether two findings are the same vulnerability; identical vulnerabilities are merged. This reduces the cost of vulnerability management, improves efficiency, and also reduces the high rate of misreports and false positives of a single scanning tool.

The Web-based management tool presents vulnerability details and gives an overall view of the vulnerability scans. Risk ratings are shown in different colours so that critical-risk and high-risk vulnerabilities are displayed with priority. The tool can show the trend of fixes, the applications with the most vulnerabilities, and, for a specific vulnerability, its description, repair progress, comments and so on. Vulnerability and security status can be seen at a glance, so that site managers, project managers and security testers can arrange repairs according to the latest developments. Support for Bugzilla was added to provide defect tracking for vulnerabilities, so that the whole cycle from discovery to repair is closely monitored and the repair status is reflected promptly. Support for JasperReport was added so that vulnerability analysis results can be downloaded for local analysis and presented more richly.

Test targets were built locally, scanned with several vulnerability scanning tools, and the results imported. The uploaded files were parsed successfully and the vulnerability information and specific details were displayed; some identical vulnerabilities were merged successfully; defect tracking over the vulnerability lifecycle was implemented successfully; and the files downloaded locally also help guide vulnerability analysis and repair. The tool meets the basic functional requirements of a vulnerability management tool.
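
The merge rule described in the abstract, sketched as an added example (not code from the thesis): findings from different scanners are treated as the same vulnerability when their CWE ID, normalised path and parameter match, and the merged record keeps every reporting tool and its static/dynamic category. The `Finding` fields, the normalisation rules, the `ToolA`/`ToolB` names and the sample data are assumptions made for illustration.

```java
import java.util.*;

public class MergeFindings {
    // One finding as parsed from a scanner's XML export (field set is an assumption).
    record Finding(String tool, String category, String type, int cweId,
                   String path, String param, int severity) {}
    // A merged vulnerability: the shared key plus every tool/category that reported it.
    static final class Merged {
        final String key; int severity; String type;
        final Set<String> tools = new TreeSet<>();
        final Set<String> categories = new TreeSet<>();
        Merged(String key) { this.key = key; }
    }
    // Scanners write the same location differently (case, query string, trailing slash).
    static String normalizePath(String p) {
        String s = p.trim().toLowerCase(Locale.ROOT);
        int q = s.indexOf('?');
        if (q >= 0) s = s.substring(0, q);
        while (s.length() > 1 && s.endsWith("/")) s = s.substring(0, s.length() - 1);
        return s;
    }
    // Merge key: canonical type, normalised path, normalised parameter.
    static String key(Finding f) {
        String param = f.param() == null ? "" : f.param().trim().toLowerCase(Locale.ROOT);
        // Type names differ per tool, so the CWE ID is preferred as the canonical type.
        String kind = f.cweId() > 0 ? "CWE-" + f.cweId() : f.type().trim().toLowerCase(Locale.ROOT);
        return kind + "|" + normalizePath(f.path()) + "|" + param;
    }
    // Findings with the same key collapse into one record; the highest severity wins.
    static Collection<Merged> merge(List<Finding> findings) {
        Map<String, Merged> out = new LinkedHashMap<>();
        for (Finding f : findings) {
            Merged m = out.computeIfAbsent(key(f), Merged::new);
            m.tools.add(f.tool());
            m.categories.add(f.category());
            if (f.severity() >= m.severity) { m.severity = f.severity(); m.type = f.type(); }
        }
        return out.values();
    }
    public static void main(String[] args) {
        List<Finding> in = List.of( // constructed sample findings, not real scanner output
            new Finding("ToolA", "dynamic", "SQL Injection", 89, "/Login.jsp?next=/", "user", 3),
            new Finding("ToolB", "static", "SQLi", 89, "/login.jsp", "User", 4),
            new Finding("ToolA", "dynamic", "Reflected XSS", 79, "/search/", "q", 2));
        for (Merged m : merge(in))
            System.out.printf("%s sev=%d tools=%s categories=%s%n", m.key, m.severity, m.tools, m.categories);
    }
}
```

A finding confirmed by both a static and a dynamic tool ends up with two entries in `categories`, which is one way to use agreement between scanners as a signal against single-tool false positives.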
Keywords/Search Tags: Vulnerability Management, Cyber Security, Web, Merge Vulnerability