摘要
Web应用作为信息与数字化时代的重要应用程序已经被各行各业广泛使用,其所面临的攻击也具有多样化、多发性、范围广等特点,并且在当前开源和云原生时代到来的新形势下,Web应用越来越趋于复杂化,同时安全风险也不断增多和加剧。Web应用的安全已经成为关系到整个业务系统安全的重要环节,为保证Web应用的安全,需要更多样化的技术手段来对应用进行安全检测。文章研究新形势下Web应用所面临的安全风险,分析多种Web应用安全检测技术,并对比相应技术检测效果的优劣,指明不同技术的不同应用场景,旨在为Web应用的安全检测提供技术参考,从而更全面地保证Web应用安全。
As an important type of applications in the information and digital age,Web applications have been widely used in all walks of life,and the attacks they face are also characterized by diversification,multiple occurrences,and wide scope.Under the new form of the current open source and cloud-native era,Web applications are becoming more and more complex,and security risks are also increasing and aggravating.The security of Web applications has become an important link related to the security of the entire business system.In order to ensure the security of Web applications,more diversified technical means are required to perform security inspections on applications.The paper studies the security risks faced by Web applications under the new situation,analyzes a variety of Web application security detection technologies,and compares the pros and cons of the corresponding technologies,and points out the different application scenarios of different technologies.Security testing provides technical reference to ensure the security of Web applications more comprehensively.
作者
郭新海
张小梅
刘安
丁攀
蓝鑫冲
Guo Xinhai;Zhang Xiaomei;Liu An;Ding Pan;Lan Xinchong(China Unicom Research Institute,Beijing 100048,China)
出处
《信息通信技术》
2022年第6期20-26,共7页
Information and communications Technologies
关键词
WEB应用
安全
风险
检测
Web Application
Security
Risk
Detection
