摘要 |
According to one embodiment of the present invention, an industrial security management automation system for keeping continuous security in commissioned information system development and a method thereof, to keep the continuous security by automatically checking whether security update, regular security maintenance and periodic security check are performed. The system and method comprise: a module extracting a type, version information, a patch log and the latest execution date by analyzing a system file of an operating system (OS), and analyzing the latest patch information list by comparing the list with the extracted data, so as to check whether a basic security measure (update) of the OS is executed; and a module extracting version information, a patch date and patch version information of an application program, and analyzing the latest patch information list by comparing the list with the extracted data, so as to check whether the latest security measure for the application program is executed. |