首页>
外国专利>
system and method for scoring the assessment and classification of active information system
system and method for scoring the assessment and classification of active information system
展开▼
机译:主动信息系统评估和分类评分系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
a solution (scorisk '') integrated in the concept of "market place corevidence o information technology is designed, in this environment, the calculation and the measurement of risk levels for the scans analysis and compliance assessment and compliance scans), su the basis of the following criteria: accuracy, structurethe common vulnerabilities reported by all engines scan involved; the weight (weight), based on the classification (scoring) on severity and cvss usability evaluation system.0, the predetermined identification or classification, where the vulnerability is identified as part of a list of risks according to the ordered list cwe / top 25; the persistence criterion measuring the persistence of the solution for integrated approach to vulnerability. e and overall safety of the assets. (see figure 2, figure 3).
展开▼
机译:设计了一种集成在“市场核心证据或信息技术”概念中的解决方案(星号“),在此环境下,对扫描分析,合规性评估和合规性扫描进行风险级别的计算和度量)以下标准之一:准确性,结构所有涉及的发动机扫描报告的常见漏洞;权重(重量),基于严重程度的分类(评分)和cvss可用性评估系统.0,预定的标识或分类,其中漏洞为根据排序的清单cwe // top 25将其确定为风险列表的一部分;持久性标准用于衡量针对脆弱性e的综合方法和资产的整体安全性的解决方案的持久性(见图2,图3) 。
展开▼