Santoso et al., 2023 - Google Patents
Vulnerability Data Assessment and Management Based on Passive Scanning Method and CVSSSantoso et al., 2023
- Document ID
- 6816340843824219825
- Author
- Santoso B
- Ijtihadie R
- Aryawan G
- Publication year
- Publication venue
- 2023 14th International Conference on Information & Communication Technology and System (ICTS)
External Links
Snippet
Vulnerability data assessment is the process of identifying, assessing, indexing, and prioritizing vulnerabilities in computer systems, applications, and network infrastructures. Automated testing tools such as Nessus, Acunetix, and Netsparker are commonly used in …
- 238000000034 method 0 title abstract description 96
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
- G06F17/30864—Retrieval from the Internet, e.g. browsers by querying, e.g. search engines or meta-search engines, crawling techniques, push systems
- G06F17/30867—Retrieval from the Internet, e.g. browsers by querying, e.g. search engines or meta-search engines, crawling techniques, push systems with filtering and personalisation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management, e.g. organising, planning, scheduling or allocating time, human or machine resources; Enterprise planning; Organisational models
- G06Q10/063—Operations research or analysis
- G06Q10/0639—Performance analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation, e.g. computer aided management of electronic mail or groupware; Time management, e.g. calendars, reminders, meetings or time accounting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/02—Network-specific arrangements or communication protocols supporting networked applications involving the use of web-based technology, e.g. hyper text transfer protocol [HTTP]
- H04L67/025—Network-specific arrangements or communication protocols supporting networked applications involving the use of web-based technology, e.g. hyper text transfer protocol [HTTP] for remote control or remote monitoring of the application
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20210334821A1 (en) | Platform for facilitating an automated it audit | |
| US11748095B2 (en) | Automation of task identification in a software lifecycle | |
| Gupta et al. | The anatomy of a large-scale experimentation platform | |
| US10628764B1 (en) | Method of automatically generating tasks using control computer | |
| US8789187B1 (en) | Pattern tracking and capturing human insight in a web application security scanner | |
| US10884911B2 (en) | System and method for use in regression testing of electronic document hyperlinks | |
| Marculescu et al. | On the faults found in REST APIs by automated test generation | |
| Pathirathna et al. | Security testing as a service with docker containerization | |
| AlGhamdi et al. | Towards reducing the time needed for load testing | |
| Dunagan et al. | Heat-ray: combating identity snowball attacks using machinelearning, combinatorial optimization and attack graphs | |
| Bose et al. | ‘under-reported’security defects in kubernetes manifests | |
| Yee | Security metrics: An introduction and literature review | |
| Camacho et al. | Chaos as a Software Product Line—a platform for improving open hybrid‐cloud systems resiliency | |
| Santoso et al. | Vulnerability Data Assessment and Management Based on Passive Scanning Method and CVSS | |
| WO2022170132A1 (en) | Asset ranking and classification systems and methods | |
| Ribeiro et al. | A perception of the practice of software security and performance verification | |
| Khan et al. | Challenges and their practices in adoption of hybrid cloud computing: An analytical hierarchy approach | |
| US11119763B2 (en) | Cognitive selection of software developer for software engineering task | |
| Rahman et al. | An empirical study of task infections in Ansible scripts | |
| He et al. | Using software dependency to bug prediction | |
| US9239745B1 (en) | Method and apparatus for managing security vulnerability lifecycles | |
| Jayakody et al. | Web-application security evaluation as a service with cloud native environment support | |
| Mathijssen et al. | Source data for the focus area maturity model for api management | |
| Ylätalo | Development of process and tools for vulnerability management | |
| Hookana | SOCs as Enablers for Continuous Threat Exposure Management |