Abstract
Active scanning, passive traffic monitoring, and other techniques are used to build an asset knowledge-graph profile, turning asset fundamentals and day-to-day changes into asset data that can be perceived. "Machine learning" techniques are then used to extract threat intelligence data, which is automatically correlated and compared with the asset data to quickly locate assets with abnormal threats. Finally, combined with historical emergency-response solutions, this improves the speed of emergency response and remediation.
Source
Information Technology & Standardization (《信息技术与标准化》)
2018, Issue 9, pp. 81-84 (4 pages)
Keywords
asset management
knowledge graph
threat intelligence
emergency response