How I Became Vulnerable: Scanning IT Infrastructure with Qualys

Hello everyone!

Today I want to talk about a cloud solution for finding and analyzing vulnerabilities, Qualys Vulnerability Management, which one of our services is based on.

Below I will show how the scan itself is set up and what information about vulnerabilities can be found in the results.


What can be scanned

External services. To scan services that are accessible from the Internet, the client gives us their IP addresses and credentials (if an authenticated scan is needed). We scan the services using the Qualys cloud and send a report based on the results.


Internal services. In this case, the scanner looks for vulnerabilities in internal servers and network infrastructure. With this scan you can inventory operating system versions, applications, open ports and the services behind them.

A Qualys scanner is installed to scan inside the client's perimeter. The Qualys cloud acts as the command center for this scanner.

In addition to the internal server with Qualys, agents (Cloud Agent) can be installed on the scanned objects. They collect information about the system locally and create practically no load on the network or on the hosts they run on. The collected information is sent to the cloud.


There are three important points here: authentication and the choice of objects to scan.

  1. Use authentication. Some clients ask for blackbox scanning, especially for external services: they give us a range of IP addresses without specifying the systems and say "be like a hacker." But hackers rarely act blindly. When it comes to an attack (not reconnaissance), they know what they are hacking.

    Working blind, Qualys can stumble on decoy banners and scan them instead of the target system. And without understanding what exactly will be scanned, it is easy to get the scanner settings wrong and "knock over" the service being checked.

    Scanning is more useful if you run the checks with authentication on the systems being scanned (whitebox). That way the scanner understands where it has landed, and you get complete data on the vulnerabilities of the target system.

    Qualys has many authentication options.

  2. Group assets. If you start scanning everything at once and indiscriminately, it will take a long time and create unnecessary load on the systems. It is better to group hosts and services by importance, location, OS version, infrastructure criticality and other characteristics (in Qualys these are called Asset Groups and Asset Tags) and select a specific group when scanning.
  3. Choose a technical window for scanning. Even if you have thought everything through and prepared, scanning creates additional load on the system. It will not necessarily degrade the service, but it is better to pick a specific time for it, as you would for a backup or a rollout of updates.

What can you learn from the reports?

Based on the scan results, the client receives a report that contains not only a list of all vulnerabilities found, but also recommendations for eliminating them: updates, patches, and so on. Qualys has many reports: there are default templates, and you can create your own. To avoid getting lost in all the variety, it is better to first decide for yourself on the following points:

  • Who will view this report: a manager or a technical specialist?
  • What information do you want to get from the scan results? For example, if you want to find out whether all the necessary patches have been installed and how the work on eliminating previously found vulnerabilities is going, that is one report. If you just need an inventory of all hosts, that is another.

If your task is to show management a brief but clear picture, you can generate a report for that. All vulnerabilities will be sorted into categories and criticality levels, with graphs and charts. For example, the top 10 most critical vulnerabilities or the most common vulnerabilities.


For a technical specialist there is a report with all the details. The following reports can be generated:

Host report. Useful when you need to inventory your infrastructure and get a complete picture of host vulnerabilities.

This is what the list of scanned hosts looks like, with the OS running on each of them.


Let's open a host of interest and see the list of 219 vulnerabilities found, starting from the most critical, level five:


Then you can view the details for each vulnerability. Here we see:

  • when the vulnerability was detected for the first and the last time,
  • industry vulnerability numbers,
  • the patch that eliminates the vulnerability,
  • whether there are issues with compliance with PCI DSS, NIST, and so on,
  • whether an exploit and malware exist for this vulnerability,
  • whether the vulnerability is detected when scanning with/without authentication on the system, and so on.


If this is not the first scan (yes, you need to scan regularly 🙂), then with the help of reporting you can track the dynamics of the work on vulnerabilities. The status of vulnerabilities is shown in comparison with the previous scan: vulnerabilities that were found earlier and have been closed are marked as fixed, those not closed as active, and new ones as new.

Vulnerability report. In this report, Qualys builds a list of vulnerabilities, starting with the most critical, showing on which host each vulnerability can be found. The report is useful if you decide to deal right away with, for example, all vulnerabilities of level five.

You can also make a separate report only on vulnerabilities of levels four and five.
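The comparison with the previous scan and the level four and five filter described above can be sketched as follows. This is an added example, not code from the original article or from Qualys: the record fields, the identifiers and the "Not rescanned" status are assumptions, and the sample data is constructed.

```python
from collections import namedtuple

# Constructed sample data; field names and IDs are hypothetical,
# not a Qualys export format.
Finding = namedtuple("Finding", "host vuln_id severity")

PREVIOUS_SCAN = [
    Finding("10.0.0.5", "VULN-1001", 5),
    Finding("10.0.0.5", "VULN-1002", 3),
    Finding("10.0.0.7", "VULN-1003", 4),
    Finding("10.0.0.8", "VULN-1005", 5),
]
CURRENT_SCAN = [
    Finding("10.0.0.5", "VULN-1001", 5),
    Finding("10.0.0.7", "VULN-1003", 4),
    Finding("10.0.0.7", "VULN-1004", 5),
]
SCANNED_HOSTS = {"10.0.0.5", "10.0.0.7"}  # 10.0.0.8 was not reachable this time


def classify(previous, current, scanned_hosts):
    """Map (host, vuln_id) -> (status, severity) by comparing two scans."""
    prev = {(f.host, f.vuln_id): f.severity for f in previous}
    curr = {(f.host, f.vuln_id): f.severity for f in current}
    result = {}
    for key in prev.keys() | curr.keys():
        if key in curr:
            result[key] = ("Active" if key in prev else "New", curr[key])
        elif key[0] in scanned_hosts:
            result[key] = ("Fixed", prev[key])
        else:
            # Assumption added here: a host missing from the current scan
            # proves nothing, so its old findings are not reported as fixed.
            result[key] = ("Not rescanned", prev[key])
    return result


def open_by_severity(statuses, min_severity=4):
    """New/Active findings at or above min_severity, most critical first."""
    rows = [(sev, host, vid, status)
            for (host, vid), (status, sev) in statuses.items()
            if status in ("New", "Active") and sev >= min_severity]
    return sorted(rows, key=lambda r: (-r[0], r[1], r[2]))


if __name__ == "__main__":
    for row in open_by_severity(classify(PREVIOUS_SCAN, CURRENT_SCAN, SCANNED_HOSTS)):
        print(row)
```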


Patch report. Here you can see the full list of patches that need to be installed to eliminate the vulnerabilities found. For each patch there is an explanation of which vulnerabilities it fixes, on which host/system it needs to be installed, and a direct download link.


PCI DSS Compliance Report. The PCI DSS standard requires scanning information systems and applications accessible from the Internet every 90 days. After the scan, you can generate a report that shows where the infrastructure does not meet the requirements of the standard.


Vulnerability remediation reports. Qualys can be integrated with a service desk, and then every vulnerability found will be turned into a ticket. Using this report, you can track progress on completed tickets and resolved vulnerabilities.

Open ports reports. Here you can get information on open ports and the services running on them:


or generate a report on the vulnerabilities on each port:


These are just the standard report templates. You can create your own for specific tasks, for example, to show only vulnerabilities no lower than level five in criticality. All reports are available. Report formats: CSV, XML, HTML, PDF and docx.


And remember: security is not a result, but a process. A one-time scan helps you see the problems at the moment, but it is not a full-fledged vulnerability management process.
To make it easier for you to decide on this regular work, we have created a service based on Qualys Vulnerability Management.

There is a promotion for all Habr readers: when you order the scanning service for a year, two months of scans are free. A request can be left here; write Habr in the "Comment" field.

Source: www.hab.com
