Abstract: The lack of closedloop vulnerability management for massive information assets may lead to largescale network or data security incidents. A vulnerability tracking and disposal platform for fine management of massive assets is designed. The platform adopts the “N+1+X” architecture (that is, N vulnerability collectors, 1 analysis and management system, X source data sharing). Through frontend, backend, and side distributed cluster deployment, it realizes the functions of massive asset vulnerability collection, vulnerability verification, asset attribute perfection, vulnerability intelligence supplement, vulnerability scheduling and disposal. The experimental environment test verifies the usability and stability of the platform, which can provide an effective solution for dynamic vulnerability management of largescale assets.

Key words: Asset refinement, vulnerability management, threat intelligence, network security, lifecycle

摘要： 针对海量信息资产缺乏漏洞闭环管理可能引发大规模网络或数据安全事件的问题.设计了一种海量资产精细管理的漏洞跟踪处置平台.该平台采用“N+1+X”体系架构(即N个漏洞采集器、1个分析管理系统、X源数据共享)，通过前端、后端、旁向方式分布式集群化部署，实现海量资产漏洞采集、漏洞核验、资产属性完善、漏洞情报补充、漏洞调度处置等功能.实验测试验证了平台的可用性和稳定性，可为大规模资产的漏洞动态管理提供有效解决方案.

关键词: 资产精细化, 漏洞管理, 威胁情报, 网络安全, 生命周期