🥇Digital Duab ntxoov ntxoo - muaj peev xwm pab txo cov kev pheej hmoo digital

Tej zaum koj paub tias OSINT yog dab tsi thiab tau siv lub tshuab tshawb fawb Shodan, lossis twb tau siv lub threat Intelligence Platform los muab qhov tseem ceeb rau IOCs los ntawm cov khoom sib txawv. Tab sis qee zaum koj yuav tsum tau saib xyuas koj lub tuam txhab los ntawm sab nraud thiab tau txais kev pab hauv kev tshem tawm cov xwm txheej uas raug txheeb xyuas. Cov Duab Ntxoo tso cai rau koj taug qab cov cuab tam digital lub tuam txhab thiab nws cov kws tshuaj ntsuam qhia cov kev ua tshwj xeeb.

Hauv qhov tseem ceeb, Cov Duab Ntxoo Digital ua kom sib haum xeeb ua tiav SOC uas twb muaj lawm lossis npog tag nrho cov haujlwm sab nrauv perimeter taug qab. Lub ecosystem tau tsim txij li xyoo 2011 thiab ntau yam nthuav dav tau ua raws li lub hood. DS_ saib xyuas hauv Internet, social media. networks thiab darknet thiab txheeb xyuas tsuas yog qhov tseem ceeb ntawm tag nrho cov ntaub ntawv ntws.

Hauv koj tsab ntawv xov xwm txhua lub lim tiam IntSum lub tuam txhab muab ib tug kos npe rau uas koj yuav siv tau nyob rau hauv koj lub neej txhua hnub rau qhov kev ntsuam xyuas thiab cov ntaub ntawv tau txais. Koj tuaj yeem pom qhov kos npe ntawm qhov kawg ntawm kab lus.

Cov Duab Ntxoo Digital muaj peev xwm ntes thiab tua cov phishing domains, cov nyiaj cuav ntawm kev sib raug zoo; nrhiav kev cuam tshuam cov neeg ua haujlwm cov ntaub ntawv pov thawj thiab cov ntaub ntawv tawm, txheeb xyuas cov ntaub ntawv hais txog kev tawm tsam cyber ntawm lub tuam txhab, saib xyuas cov pej xeem ib puag ncig ntawm lub koom haum, thiab tseem niaj hnub soj ntsuam cov ntawv thov mobile hauv sandbox.

Txheeb xyuas cov kev pheej hmoo digital

Txhua lub tuam txhab, nyob rau hauv cov chav kawm ntawm nws cov dej num, tau txais chains ntawm kev sib txuas nrog cov neeg siv khoom thiab cov neeg koom tes, thiab cov ntaub ntawv uas nws nrhiav kev tiv thaiv yuav ua rau muaj kev pheej hmoo, thiab nws qhov ntau tsuas yog loj hlob.

Txhawm rau pib tswj cov kev pheej hmoo no, lub tuam txhab yuav tsum pib saib dhau nws thaj tsam, tswj nws, thiab tau txais cov ntaub ntawv tam sim ntawd txog kev hloov pauv.

Kev Tshawb Nrhiav Tsis Tau (cov ntaub ntawv rhiab heev, cov neeg ua haujlwm siv tau, cov ntaub ntawv qhia txog kev txawj ntse).
Xav txog tias koj cov cuab yeej kev txawj ntse tau nthuav tawm hauv Is Taws Nem lossis cov cai tsis pub lwm tus paub sab hauv tau raug xau mus rau hauv GitHub qhov chaw cia khoom. Cov neeg tawm tsam tuaj yeem siv cov ntaub ntawv no los tua ntau lub hom phiaj cyberattacks.

Online Brand Security (phishing domains thiab profiles ntawm social networks, mobile software imitating lub tuam txhab).
Txij li tam sim no nws nyuaj rau nrhiav ib lub tuam txhab tsis muaj kev sib raug zoo lossis cov platform zoo sib xws los cuam tshuam nrog cov neeg siv khoom muaj peev xwm, cov neeg tawm tsam sim ua tus neeg ua lag luam lub npe. Cybercriminals ua qhov no los ntawm kev sau npe fake domains, social media accounts, thiab mobile apps. Yog tias phishing / kev dag ntxias ua tiav, nws tuaj yeem cuam tshuam cov nyiaj tau los, cov neeg siv khoom ncaj ncees thiab kev ntseeg siab.

Attack Surface Txo (cov kev pabcuam cuam tshuam hauv Internet perimeter, qhib cov chaw nres nkoj, cov ntawv pov thawj teeb meem).
Raws li IT infrastructure loj hlob, qhov chaw nres thiab cov ntaub ntawv xov xwm txuas ntxiv mus ntxiv. Tsis ntev los sis tom qab, cov txheej txheem sab hauv tuaj yeem raug luam tawm mus rau lub ntiaj teb sab nraud, xws li cov ntaub ntawv.

DS_ yuav ceeb toom rau koj txog cov teeb meem ua ntej tus neeg tawm tsam tuaj yeem ua kom zoo dua ntawm lawv, hais txog qhov tseem ceeb tshaj plaws, cov kws tshuaj ntsuam xyuas yuav pom zoo ua ntxiv, thiab koj tuaj yeem tshem tawm tam sim ntawd.

Interface DS_

Koj tuaj yeem siv qhov kev daws teeb meem lub vev xaib ncaj qha lossis siv API.

Raws li koj tuaj yeem pom, cov ntsiab lus txheeb xyuas tau nthuav tawm nyob rau hauv daim ntawv ntawm funnel, pib los ntawm tus naj npawb ntawm cov lus hais thiab xaus nrog qhov xwm txheej tiag tiag tau txais los ntawm ntau qhov chaw.

Ntau tus neeg siv cov kev daws teeb meem raws li Wikipedia nrog cov ntaub ntawv hais txog cov neeg tawm tsam, lawv cov phiaj xwm thiab cov xwm txheej hauv thaj tsam ntawm kev ruaj ntseg cov ntaub ntawv.

Cov Duab Ntxoo Digital yog ib qho yooj yim rau kev koom ua ke rau hauv txhua qhov system sab nraud. Ob qho kev ceeb toom thiab REST APIs tau txais kev txhawb nqa rau kev koom ua ke rau hauv koj lub cev. Koj tuaj yeem sau npe IBM QRadar, ArcSight, Demisto, Anomali thiab lwm yam.

Yuav tswj cov kev pheej hmoo digital li cas - 4 cov kauj ruam yooj yim

Kauj Ruam 1: Txheeb xyuas cov cuab yeej tseem ceeb ntawm kev lag luam

Thawj kauj ruam no, tau kawg, yog nkag siab tias lub koom haum mob siab txog dab tsi thiab nws xav tiv thaiv dab tsi.

Yuav muab faib ua pawg tseem ceeb:

Cov neeg (cov neeg siv khoom, cov neeg ua haujlwm, cov koom tes, cov neeg muag khoom);
Cov koom haum (cov tuam txhab cuam tshuam thiab kev pabcuam, kev tsim vaj tsev dav dav);
Cov kab ke thiab kev ua haujlwm tseem ceeb (websites, portals, cov neeg siv khoom databases, kev them nyiaj ua haujlwm, cov neeg ua haujlwm nkag mus lossis ERP daim ntawv thov).

Thaum sau cov npe no, nws raug nquahu kom ua raws li lub tswv yim yooj yim - cov cuab yeej cuab tam yuav tsum nyob ib puag ncig cov txheej txheem kev lag luam tseem ceeb lossis kev lag luam tseem ceeb ntawm lub tuam txhab.

Feem ntau pua pua ntawm cov peev txheej tau ntxiv, suav nrog:

tuam txhab npe;
hom / trademarks;
IP chaw nyob ntau yam;
thaj chaw;
txuas mus rau social networks;
cov neeg muab khoom;
mobile apps;
patent tooj;
cim cov ntaub ntawv;
DLP IDs;
email kos npe.

Kev kho qhov kev pabcuam rau koj cov kev xav tau ua kom ntseeg tau tias koj tau txais cov lus ceeb toom tseem ceeb nkaus xwb. Qhov no yog lub voj voog rov ua dua, thiab cov neeg siv ntawm lub kaw lus yuav ntxiv cov khoom muaj nqis raws li lawv muaj, xws li cov npe tshiab, kev sib koom ua ke thiab kev yuav los tom ntej, lossis hloov kho lub vev xaib.

Kauj Ruam 2: Nkag siab txog Kev hem muaj peev xwm

Txhawm rau suav cov kev pheej hmoo zoo tshaj plaws, nws yuav tsum nkag siab txog qhov muaj peev xwm hem thiab kev pheej hmoo digital ntawm lub tuam txhab.

Attacker Techniques, Tactics thiab Procedures (TTP)
Lub moj khaum MITER AT&CK thiab lwm tus pab nrhiav ib hom lus ntawm kev tiv thaiv thiab kev tawm tsam. Sib sau cov ntaub ntawv thiab nkag siab tus cwj pwm thoob plaws ntau yam ntawm cov neeg tawm tsam muab cov ntsiab lus tseem ceeb thaum tiv thaiv. Qhov no tso cai rau koj nkag siab txog cov kauj ruam tom ntej hauv kev pom kev tawm tsam, lossis tsim lub tswv yim dav dav ntawm kev tiv thaiv raws li Tua Chain.
Attacker muaj peev xwm
Tus neeg tawm tsam yuav siv qhov txuas tsis muaj zog tshaj plaws lossis txoj kev luv tshaj plaws. Ntau yam kev tawm tsam vectors thiab lawv cov kev sib txuas - xa ntawv, lub vev xaib, sau cov ntaub ntawv passive, thiab lwm yam.

Kauj Ruam 3: Saib xyuas qhov tsis xav tau tshwm sim ntawm cov cuab yeej digital

Txhawm rau txheeb xyuas cov khoom muaj nqis, nws yuav tsum tau saib xyuas ntau qhov chaw, xws li:

Git repositories;
Tsis zoo configured huab cia;
Muab cov chaw;
Kev sib raug zoo xov xwm;
Cov rooj sib tham ua txhaum cai;
Tsaus web.

Txhawm rau kom koj pib, koj tuaj yeem siv cov khoom siv dawb thiab cov txheej txheem uas tau teev tseg los ntawm kev nyuaj hauv phau ntawv qhia'Phau Ntawv Qhia Txog Kev Txom Nyem Digital'.

Kauj Ruam 4: Siv cov kev tiv thaiv

Thaum tau txais tsab ntawv ceeb toom, yuav tsum tau ua tshwj xeeb. Peb tuaj yeem paub qhov txawv ntawm Tactical, Kev Ua Haujlwm thiab Kev Ua Haujlwm.

Hauv Digital Duab Ntxoo, txhua qhov kev ceeb toom suav nrog kev pom zoo ua. Yog tias qhov no yog phishing sau lossis nplooj ntawv hauv social network, tom qab ntawd koj tuaj yeem taug qab cov xwm txheej ntawm kev them rov qab hauv ntu "Takedowns".

Nkag mus rau qhov demo portal rau 7 hnub

Cia kuv ua ib qho kev tshwj tseg tam sim ntawd tias qhov no tsis yog qhov kev sim ua tiav, tab sis tsuas yog nkag mus rau ib ntus rau qhov demo portal kom paub koj tus kheej nrog nws cov interface thiab tshawb rau qee cov ntaub ntawv. Kev sim tag nrho yuav muaj cov ntaub ntawv cuam tshuam rau ib lub tuam txhab tshwj xeeb thiab yuav tsum tau ua haujlwm ntawm tus kws tshuaj ntsuam xyuas.

Lub demo portal yuav muaj:

Piv txwv ntawm kev ceeb toom rau phishing domains, nthuav tawm cov ntaub ntawv pov thawj, thiab kev ua haujlwm tsis muaj zog;
tshawb rau ntawm nplooj ntawv darknet, kev sib tham ua txhaum cai, pub thiab ntau ntxiv;
200 cyber hem profiles, cov cuab yeej thiab cov phiaj xwm.

Koj tuaj yeem nkag mus rau qhov no txuas.

Cov ntawv xov xwm txhua lub lim tiam thiab podcast

Hauv tsab ntawv xov xwm txhua lub lim tiam IntSum koj tuaj yeem tau txais cov ntsiab lus luv luv ntawm cov ntaub ntawv ua haujlwm thiab cov xwm txheej tshiab tshaj plaws nyob rau lub lim tiam dhau los. Koj tuaj yeem mloog podcast ShadowTalk.

Txhawm rau ntsuas qhov chaw, Digital Duab Ntxoo siv cov nqe lus zoo los ntawm ob qhov kev ntsuas, ntsuas qhov kev ntseeg siab ntawm cov peev txheej thiab kev ntseeg siab ntawm cov ntaub ntawv tau txais los ntawm lawv.

Tsab ntawv tau sau raws li 'Phau Ntawv Qhia Txog Kev Txom Nyem Digital'.

Yog tias qhov kev daws teeb meem txaus siab rau koj, koj tuaj yeem tiv tauj peb - lub tuam txhab Factor pawg, distributor ntawm Digital Shadows_. Txhua yam koj yuav tau ua yog sau hauv daim ntawv dawb ntawm [email tiv thaiv].

Tus sau phau ntawv: popov-as и dima_ mus.

Tau qhov twg los: www.hab.com

Digital Duab ntxoov ntxoo - muaj peev xwm pab txo cov kev pheej hmoo digital