Implementation of the automated network vulnerability assessment framework

摘要

It is an essential network security management process to grasp the network security status precisely and rapidly by identifying the vulnerabilities on the network. Manual check-up method by security experts and automatic vulnerability assessment tools can be used to check the network security. But it is inevitable option to use the automatic vulnerability assessment tools to cover large-scale network. There are lots of automatic vulnerability assessment tools available in the market. But the vulnerability assessment tool cannot find an acceptable percentage of vulnerabilities by itself. When the multiple vulnerability assessment tools are used, integrating and analyzing the results can be a time-consuming job. This paper presents the implementation of the automated network vulnerability assessment framework which can integrate various kinds of vulnerability assessment tools with the purpose of complementing each other, manage them consistently from the central manager, and be easily extended to large-scale network using distributed messaging servers.