Red Teaming is a simulation of attacks. Methodology and tools

Source: Acunetix

Red Teaming is a simulation of real attacks carried out to assess the cybersecurity of systems. A "Red Team" is a group of pentesters (specialists who perform penetration tests on a system). They can be hired from outside or be employees of your organization, but in either case their role is the same: to imitate the behaviour of intruders and try to break into your system.

Alongside "red teams" there are several other teams in cybersecurity. For example, the Blue Team works together with the Red Team, but its activities aim to improve the security of the system's infrastructure from within. The Purple Team is the link between them, helping the other two teams develop attack strategies and defenses. However, red teaming is one of the least understood methods of managing cybersecurity, and many organizations are still reluctant to adopt this practice.
In this article we will explain in detail what lies behind the concept of Red Teaming, and how applying complex simulations of real attacks can help improve the security of your organization. The aim of this article is to show how this method can increase the security of your information systems.

Red Teaming overview


Although in our time "red" and "blue" teams are mostly associated with information technology and cybersecurity, these concepts were coined by the military. In fact, it was in the army that I first heard about them. Working as a cybersecurity analyst in the 1980s was very different from today: access to encrypted computer systems was far more restricted than it is now.

Otherwise, my first experience of war games (simulation, imitation and interaction) was very similar to today's attack simulation process, which has found its way into cybersecurity. As now, great attention was paid to using social engineering methods to persuade employees to give the "enemy" improper access to military systems. So although the technical methods of attack simulation have advanced considerably since the 80s, it is worth noting that many of the main tools of the adversarial approach, and especially social engineering techniques, are largely platform independent.

The core value of imitating real attacks has also not changed since the 80s. By simulating an attack on your systems, it is easier for you to discover vulnerabilities and understand how they can be exploited. And while red teaming used to be used mainly by white hat hackers and cybersecurity professionals looking for vulnerabilities through penetration testing, it is now more widely used in cybersecurity and business.

The key to red teaming is to understand that you cannot get a real sense of how secure your systems are until they are attacked. And rather than exposing yourself to the risk of attack by real attackers, it is much safer to simulate such an attack with a red team.

Red Teaming: use cases

A simple way to understand the basics of red teaming is to look at a few examples. Here are two of them:

  • Scenario 1. Imagine that a customer service site has been pentested and passed the test. It would seem that this indicates everything is in order. However, later, in a complex simulated attack, the red team discovers that while the customer service app itself is fine, the third-party chat feature cannot accurately identify people, and this makes it possible to trick customer service representatives into changing the email address on an account (as a result of which a new person, the attacker, can gain access).
  • Scenario 2. As a result of pentesting, all VPN and remote access controls were found to be secure. However, a "red team" representative then walks freely past the reception desk and takes out an employee's laptop.

In both cases above, the "red team" checks not only the reliability of each individual system, but also the whole system in its entirety for weaknesses.

Who needs complex attack simulation?


In short, almost any company can benefit from red teaming. As shown in our 2019 Global Data Risk Report, a frighteningly large number of organizations are under the false belief that they have complete control over their data. We found, for example, that on average 22% of a company's data is available to every employee, and that 87% of companies have more than 1000 outdated files on their systems.

If your company is not in the tech industry, it may seem that red teaming will not do you much good. But that is not so. Cybersecurity is not only about protecting confidential information.

Attackers equally try to take hold of technology regardless of a company's field of activity. For example, they may seek access to your network in order to conceal their actions while taking over another system or network elsewhere in the world. With this type of attack, the attackers do not need your data. They want to infect your computers with malware in order to turn your system into a group of botnets with its help.

For smaller companies, it can be difficult to find the resources for red teaming. In this case, it makes sense to entrust this process to an external contractor.

Red Teaming: Recommendations

The optimal timing and frequency for red teaming depends on the sector you work in and the maturity of your cybersecurity tooling.

In particular, you should have automated activities such as asset discovery and vulnerability analysis. Your organization should also combine automated technology with human oversight by regularly performing full penetration testing.
After completing several business cycles of penetration testing and vulnerability finding, you can move on to complex simulation of a real attack. At this stage, red teaming will bring you tangible benefits. However, trying to do it before you have the basics of cybersecurity in place will not bring tangible results.

A white hat team will likely be able to compromise an unprepared system so quickly and easily that you will obtain too little information to act on further. To be truly effective, the information obtained by the "red team" must be compared with previous penetration tests and vulnerability assessments.

What is penetration testing?


Complex imitation of a real attack (Red Teaming) is often confused with penetration testing (pentest), but the two methods differ slightly. More precisely, penetration testing is just one of the red teaming methods.

The role of a pentester is well defined. The work of pentesters is divided into four main stages: planning, information discovery, attack, and reporting. As you can see, pentesters do more than just look for software vulnerabilities. They try to put themselves in the shoes of hackers, and once they get into your system, their real work begins.

They discover vulnerabilities and then carry out new attacks based on the information obtained, moving through the folder hierarchy. This is what distinguishes penetration testers from those hired only to find vulnerabilities using port scanning software or virus detection. An experienced pentester can determine:

  • where hackers can direct their attack;
  • the way hackers will attack;
  • how your defenses will behave;
  • the possible scale of the breach.

Penetration testing aims to identify weaknesses at the application and network level, as well as ways to overcome physical security barriers. While automated testing can reveal some cybersecurity issues, manual penetration testing also takes into account a business's vulnerability to attacks.

Red Teaming vs. penetration testing

Undoubtedly, penetration testing is important, but it is only one part of a whole range of red teaming activities. The activities of the "red team" have much broader goals than those of pentesters, who often simply seek to gain access to the network. Red teaming often involves more people, resources and time, as the red team digs deep to understand the true level of risk and vulnerability in the technology and in the organization's human and physical assets.

In addition, there are other differences. Red teaming is usually used by organizations with more mature and advanced cybersecurity measures (although this is not always the case in practice).

These are usually companies that have already done penetration testing and fixed most of the vulnerabilities found, and are now looking for someone who can try again to access sensitive information or break the defenses in any way.
This is why red teaming relies on a team of security experts focused on a specific target. They target internal vulnerabilities and use both electronic and physical social engineering techniques on the organization's employees. Unlike pentesters, red teams take their time during their attacks, wanting to avoid detection as a real cybercriminal would.

Benefits of Red Teaming


There are many advantages to simulating real attacks, but most importantly, this approach allows you to get a full picture of the level of cybersecurity of an organization. A typical end-to-end simulated attack process will include penetration testing (network, application, mobile phone, and other devices), social engineering (live on site, phone calls, email, or text messages and chat), and physical intrusion (picking locks, detecting dead zones of security cameras, bypassing alarm systems). If there are vulnerabilities in any of these aspects of your system, they will be found.

Once vulnerabilities are found, they can be fixed. An effective attack simulation procedure does not end with the discovery of vulnerabilities. Once the security flaws are clearly identified, you will want to work on fixing them and re-testing. In fact, the real work usually begins after the red team intrusion, when you analyze the attack and try to mitigate the vulnerabilities found.

In addition to these two main benefits, red teaming also offers a number of others. So, the "red team" can:

  • identify risks and vulnerabilities to attacks in key business information assets;
  • simulate the methods, tactics and procedures of real attackers in an environment with limited and controlled risk;
  • assess your organization's ability to detect, respond to, and prevent complex, targeted threats;
  • encourage close interaction with security departments and blue teams to provide mitigation and conduct joint hands-on workshops after vulnerabilities are found.

How does Red Teaming work?

A good way to understand how red teaming works is to look at how it usually happens. The usual process of attack simulation consists of several stages:

  • The organization agrees with the "red team" (internal or external) on the goal of the attack. For example, such a goal could be to retrieve sensitive information from a particular server.
  • Then the "red team" conducts reconnaissance of the target. The result is a map of the target systems, including network services, web applications, and internal employee portals.
  • After that, vulnerabilities are searched for in the target system, which are usually exploited using phishing or XSS attacks.
  • Once tokens are obtained, the red team uses them to investigate further vulnerabilities.
  • When other vulnerabilities are discovered, the "red team" will seek to raise its access level to the level necessary to achieve the goal.
  • Once access to the target data or asset is gained, the attack task is considered complete.

In fact, an experienced red team specialist will find many different ways to get through each of these steps. However, the key takeaway from the example above is that small vulnerabilities in individual systems can turn into catastrophic failures if chained together.

What should be considered when engaging a "red team"?


To get the most out of red teaming, you need to prepare carefully. The systems and processes used by each organization are different, and a quality level of red teaming is achieved when it is aimed at finding vulnerabilities in your systems. For this reason, it is important to consider a number of factors:

Know what you are looking for

First of all, it is important to understand which systems and processes you want to test. Perhaps you know that you want to test a web application, but you do not understand very well what that really means and which other systems are integrated with your web applications. Therefore, it is important that you have a good understanding of your own systems and fix any obvious vulnerabilities before starting a simulation of a real attack.

Know your network

This is related to the previous recommendation, but is more about the technical characteristics of your network. The better you can quantify your testing environment, the more accurate and specific your red team will be.

Know your budget

Red teaming can be performed at various levels, but simulating the full range of attacks on your network, including social engineering and physical intrusion, can be costly. For this reason, it is important to understand how much you can spend on such a check and, accordingly, outline its scope.

Know your level of risk

Some organizations can tolerate a fairly high level of risk as part of their standard business procedures. Others need to limit their level of risk to a much greater extent, especially if the company operates in a highly regulated industry. Therefore, when conducting red teaming, it is important to focus on the risks that really pose a danger to your business.

Red Teaming: Tools and Tactics


If done properly, the "red team" will carry out a full-scale attack on your networks using all the tools and methods used by hackers. Among other things, this includes:

  • Application penetration testing - aims to identify weaknesses at the application level, such as cross-site request forgery, data input flaws, weak session management, and many others.
  • Network penetration testing - aims to identify weaknesses at the network and system level, including misconfigurations, wireless network vulnerabilities, unauthorized services, and more.
  • Physical penetration testing - checks the effectiveness, as well as the strengths and weaknesses, of physical security controls in real life.
  • Social engineering - aims to exploit the weaknesses of people and human nature, testing people's susceptibility to deception, persuasion and manipulation through phishing emails, phone calls and text messages, as well as physical contact on site.

All of the above are components of red teaming. It is a full-scale, layered attack simulation designed to determine how well your people, networks, applications, and physical security controls can withstand an attack from a real attacker.

Continuous development of Red Teaming methods

The nature of simulating real attacks, in which red teams try to find new security vulnerabilities and blue teams try to fix them, leads to the constant development of methods for such checks. For this reason, it is difficult to compile an up-to-date list of modern red teaming techniques, as they quickly become obsolete.

Therefore, most red teamers will spend at least part of their time learning about new vulnerabilities and how to exploit them, using the many resources provided by the red team community. Here are the most popular of these communities:

  • Pentester Academy is a subscription service that offers online video courses focused primarily on penetration testing, as well as courses on operating system forensics, social engineering tasks, and assembly language for information security.
  • Vincent Yiu is a "cybersecurity operator" who regularly blogs about methods for simulating real attacks and is a good source of new approaches.
  • Twitter is also a good source if you are looking for up-to-date red teaming information. You can find it with the hashtags #redteam and #redteaming.
  • Daniel Miessler is another experienced red teaming specialist who produces a newsletter and a podcast, runs a website, and writes a lot about current red team trends. Among his recent articles: "Purple Team Pentest Means Your Red and Blue Teams Have Failed" and "Vulnerability Rewards and When to Use Vulnerability Assessment, Penetration Testing, and Complex Attack Simulation".
  • The Daily Swig is a web security newsletter sponsored by PortSwigger Web Security. It is a good resource for learning about the latest developments and news in the red teaming area: hacks, data leaks, exploits, web application vulnerabilities and new security technologies.
  • Florian Hansemann is a white hat hacker and penetration tester who regularly covers new red team tactics in his blog posts.
  • MWR labs is a good, albeit extremely technical, source for red teaming news. They publish tools useful for red teams, and their Twitter feed contains tips for solving problems that security testers encounter.
  • Emad Shanab - a lawyer and "white hacker". His Twitter feed contains techniques useful for "red teams", such as writing SQL injections and forging OAuth tokens.
  • Mitre's Adversarial Tactics, Techniques and Common Knowledge (ATT&CK) is a knowledge base of attacker behaviour. It tracks the phases of the attacker life cycle and the platforms they target.
  • The Hacker Playbook is a guide for hackers which, although quite old, covers many of the fundamental techniques that are still at the heart of imitating real attacks. The author, Peter Kim, also has a Twitter feed in which he offers hacking tips and other information.
  • The SANS Institute is another major provider of cybersecurity training materials. Their Twitter feed, focused on digital forensics and incident response, contains the latest news about SANS courses and advice from expert practitioners.
  • Some of the most interesting news about red teaming is published in Red Team Journal. There are technology-focused articles such as a comparison of Red Teaming with penetration testing, as well as analytical articles such as the Red Team Specialist Manifesto.
  • Finally, Awesome Red Teaming is a GitHub community that offers a very detailed list of resources dedicated to Red Teaming. It covers virtually every technical aspect of a red team's activities, from gaining initial access and performing malicious activities to collecting and extracting data.

"Blue team" - what is it?


With so many multi-coloured teams, it can be difficult to work out which type your organization needs.

One alternative to the red team, or more precisely another type of team that can be used in conjunction with the red team, is the blue team. The Blue Team also assesses network security and identifies any potential infrastructure vulnerabilities. However, it has a different goal. Teams of this type are needed to find ways to protect, change and regroup defense mechanisms to make incident response much more effective.

Like the red team, the blue team must have the same knowledge of attacker tactics, techniques and procedures in order to create response strategies based on them. However, the duties of the blue team are not limited to defending against attacks. It is also involved in strengthening the entire security infrastructure, using, for example, an intrusion detection system (IDS) that provides continuous analysis of unusual and suspicious activity.

Here are some of the steps that the "blue team" takes:

  • security audit, in particular DNS audit;
  • log and memory analysis;
  • analysis of network data packets;
  • risk data analysis;
  • digital footprint analysis;
  • reverse engineering;
  • DDoS testing;
  • development of risk implementation scenarios.

The difference between red and blue teams

A common question for many organizations is which team they should use, red or blue. This issue is also often accompanied by friendly animosity between people who work "on opposite sides of the barricades". In reality, neither team makes sense without the other. So the correct answer to this question is that both teams are important.

The Red Team attacks and is used to test the Blue Team's readiness to defend. Sometimes the red team may find vulnerabilities that the blue team has completely overlooked, in which case the red team must show how those vulnerabilities can be fixed.

It is vital for both teams to work together against cybercriminals to strengthen information security.

For this reason, it makes no sense to choose only one side or invest in only one type of team. It is important to remember that the goal of both sides is to prevent cybercrime.
In other words, companies need to establish mutual cooperation between both teams in order to provide a thorough audit, with logs of all attacks and checks performed and records of what was detected.

The "red team" provides information about the operations they performed during the simulated attack, while the blue team provides information about the actions they took to fill the gaps and fix the vulnerabilities found.

The importance of both teams cannot be underestimated. Without their ongoing security audits, penetration testing, and infrastructure improvements, companies would not be aware of the state of their own security. At least until the data is leaked and it becomes painfully clear that the security measures were not enough.

What is a purple team?

The "Purple Team" was born out of attempts to unite the Red and Blue Teams. The Purple Team is more of a concept than a separate type of team. It is best viewed as a combination of red and blue teams. It engages both teams, helping them to work together.

The Purple Team can help security teams improve vulnerability detection, threat discovery, and network monitoring by accurately modeling threat scenarios and helping create new threat detection and prevention methods.

Some organizations use a Purple Team for one-time focused activities that clearly define security objectives, timelines, and key results. This includes recognizing weaknesses in attack and defense, as well as identifying future training and technology requirements.

An alternative approach now gaining momentum is to view the Purple Team as a visionary model that works throughout the organization to help create and continuously improve a cybersecurity culture.

Conclusion

Red Teaming, or complex attack simulation, is a powerful technique for testing an organization's security vulnerabilities, but it should be used with care. In particular, to use it, you need to have sufficiently advanced means of protecting information security. Otherwise, it may not live up to the expectations placed on it.
Red teaming can reveal vulnerabilities in your system that you did not even know existed and help fix them. By taking an adversarial approach between blue and red teams, you can simulate what a real hacker would do if he wanted to steal your data or damage your assets.

Source: www.hab.com
