Mwina mukudziwa chomwe OSINT ndi ndipo mwagwiritsa ntchito makina osakira a Shodan, kapena mukugwiritsa ntchito kale Threat Intelligence Platform kuti muyike patsogolo ma IOC kuchokera ku zakudya zosiyanasiyana. Koma nthawi zina ndikofunikira kuyang'ana kampani yanu nthawi zonse ndikupeza thandizo pochotsa zochitika zomwe zadziwika. amakulolani kutsatira chuma cha digito kampaniyo ndi akatswiri ake akulingalira zochita zenizeni.
M'malo mwake, Digital Shadows imagwirizana bwino ndi SOC yomwe ilipo kapena imakwaniritsa magwiridwe antchito. kutsata kozungulira kwakunja. Ecosystem idamangidwa kuyambira 2011 ndipo zinthu zambiri zosangalatsa zakhazikitsidwa pansi pa hood. DS_ imayang'anira intaneti, malo ochezera. ma network ndi darknet ndikuzindikiritsa zofunikira zokha kuchokera pakuyenda konse kwa chidziwitso.
M'makalata anu a sabata kampaniyo imapereka chizindikiro chomwe mungagwiritse ntchito pamoyo wanu watsiku ndi tsiku kuwunika kwa magwero ndi zomwe adalandira. Mutha kuwonanso chizindikiro kumapeto kwa nkhaniyi.
Digital Shadows imatha kuzindikira ndikuletsa madera achinyengo, maakaunti abodza pamasamba ochezera; pezani zidziwitso za ogwira ntchito omwe asokonezedwa ndi zidziwitso zotsikitsitsa, pezani zambiri zokhudzana ndi kuwukira kwa cyber pakampaniyo, kuyang'anira nthawi zonse zomwe gulu likuchita, komanso kusanthula pafupipafupi ma foni am'manja mu sandbox.
Kuzindikira zoopsa za digito
Kampani iliyonse, panthawi ya ntchito zake, imapeza maunyolo ogwirizana ndi makasitomala ndi othandizana nawo, ndipo deta yomwe ikufuna kuteteza imakhala yovuta kwambiri, ndipo kuchuluka kwake kukungokulirakulira.
Kuti ayambe kuthana ndi zoopsazi, kampani iyenera kuyamba kuyang'ana kupitirira malire ake, kuwongolera, ndikupeza zambiri zakusintha.
Kuzindikira Kutayika kwa Data (zolemba zomveka, antchito ofikirika, zidziwitso zaukadaulo, nzeru).
Tangoganizani kuti nzeru zanu zidawululidwa pa intaneti kapena kuti chinsinsi chamkati chidatsitsidwa mwangozi m'nkhokwe ya GitHub. Zigawenga zitha kugwiritsa ntchito datayi kuyambitsa zigawenga zapaintaneti zomwe zimayang'ana kwambiri.
Online Brand Security (madomeni achinyengo ndi mbiri pamasamba ochezera, mapulogalamu am'manja akutsanzira kampani).
Popeza tsopano ndizovuta kupeza kampani yopanda malo ochezera a pa Intaneti kapena nsanja yofananira kuti igwirizane ndi omwe angakhale makasitomala, oukira amayesa kutengera mtundu wa kampaniyo. Zigawenga zapaintaneti zimachita izi polembetsa madera abodza, maakaunti azama TV, ndi mapulogalamu am'manja. Ngati phishing/scam yapambana, imatha kukhudza ndalama, kukhulupirika kwamakasitomala ndi kudalirika.
Attack Surface Reduction (ntchito zosavutikira pa intaneti, madoko otseguka, satifiketi zovuta).
Pamene chitukuko cha IT chikukula, malo owukira ndi kuchuluka kwa zinthu zambiri zikupitiriza kukula. Posakhalitsa, machitidwe amkati akhoza kusindikizidwa mwangozi kudziko lakunja, monga nkhokwe.
DS_ idzakudziwitsani zamavuto omwe wowukirayo asanayambe kupezerapo mwayi, awonetseni zomwe zili zofunika kwambiri, akatswiri amalangiza zochita zina, ndipo mutha kutsitsa nthawi yomweyo.
Chiyankhulo DS_
Mutha kugwiritsa ntchito mawonekedwe awebusayiti mwachindunji kapena kugwiritsa ntchito API.
Monga mukuonera, chidule cha kusanthula kumaperekedwa ngati mawonekedwe a funnel, kuyambira pa chiwerengero cha zotchulidwa ndi kutha ndi zochitika zenizeni zomwe zalandiridwa kuchokera kuzinthu zosiyanasiyana.
Anthu ambiri amagwiritsa ntchito yankho ngati Wikipedia yokhala ndi chidziwitso chokhudza omwe akuwukira, makampeni awo ndi zochitika pazachitetezo chazidziwitso.
Digital Shadows ndizosavuta kuphatikiza munjira iliyonse yakunja. Zidziwitso zonse ndi ma REST API amathandizidwa kuti aphatikizidwe mudongosolo lanu. Mutha kutchula IBM QRadar, ArcSight, Demisto, Anomali ndi .
Momwe mungasamalire zoopsa za digito - 4 masitepe oyambira
Khwerero 1: Dziwani Zinthu Zofunika Kwambiri pa Bizinesi
Gawo loyambali, ndithudi, ndikumvetsetsa zomwe bungweli limakonda kwambiri komanso zomwe likufuna kuteteza.
Atha kugawidwa m'magulu akuluakulu:
- Anthu (makasitomala, antchito, othandizana nawo, ogulitsa);
- Mabungwe (makampani okhudzana ndi ntchito, zomangamanga zonse);
- Machitidwe ndi ntchito zofunika kwambiri (mawebusayiti, ma portal, nkhokwe zamakasitomala, njira zolipirira, makina ofikira ogwira ntchito kapena ntchito za ERP).
Polemba mndandandawu, tikulimbikitsidwa kutsatira lingaliro losavuta - katundu ayenera kukhala mozungulira mabizinesi ovuta kapena ntchito zofunika zachuma za kampani.
Nthawi zambiri ndalama zambiri zimawonjezeredwa, kuphatikiza:
- mayina amakampani;
- zizindikiro / zizindikiro;
- Ma adilesi a IP;
- madambwe;
- maulalo kuma social network;
- ogulitsa;
- mapulogalamu a m'manja;
- manambala a patent;
- zolemba zolemba;
- Ma ID a DLP;
- ma signature a imelo.
Kusintha ntchitoyo kuti igwirizane ndi zosowa zanu kumatsimikizira kuti mumalandira zidziwitso zoyenera zokha. Uku ndikubwerezabwereza, ndipo ogwiritsa ntchito makinawa aziwonjezera katundu akapezeka, monga mitu yatsopano ya projekiti, kuphatikiza komwe kukubwera ndi kupeza, kapena madera osinthidwa.
Gawo 2: Kumvetsetsa Zowopsa Zomwe Zingachitike
Kuti muwerenge bwino zoopsa zomwe zingachitike, ndikofunikira kumvetsetsa zoopsa zomwe zingachitike pakampani.
- Njira za Attacker, Tactics and Procedures (TTP)
Framework ndi zina zimathandiza kupeza chinenero chimodzi pakati pa chitetezo ndi kuukira. Kusonkhanitsa zidziwitso ndi kumvetsetsa machitidwe pakati pa owukira osiyanasiyana kumapereka nkhani yothandiza kwambiri poteteza. Izi zimakuthandizani kumvetsetsa gawo lotsatira pakuwukira kowonedwa, kapena kupanga lingaliro lachitetezo chokhazikika . - Mphamvu zowukira
Wowukirayo adzagwiritsa ntchito ulalo wofooka kwambiri kapena njira yayifupi kwambiri. Ma vector osiyanasiyana owukira ndi kuphatikiza kwawo - makalata, intaneti, kusonkhanitsa zidziwitso, ndi zina.
Khwerero 3: Kuyang'anira Mawonekedwe Osafunikira a Katundu Wapa digito
Kuti muzindikire katundu, ndikofunikira kuyang'anira kuchuluka kwa magwero pafupipafupi, monga:
- Git repositories;
- Kusungirako mtambo kosakonzedwa bwino;
- Ikani masamba;
- Social media;
- Mabwalo aupandu;
- Ukonde wakuda.
Kuti muyambitse, mutha kugwiritsa ntchito zida zaulere ndi njira zomwe zimayikidwa movutikira mu bukhuli''.
Gawo 4: Tengani Njira Zachitetezo
Mukalandira zidziwitso, zochita zenizeni ziyenera kuchitidwa. Titha kusiyanitsa Tactical, Operational and Strategic.
Mu Digital Shadows, chenjezo lililonse limaphatikizapo zochita zolimbikitsidwa. Ngati iyi ndi tsamba la phishing kapena tsamba pa malo ochezera a pa Intaneti, ndiye kuti mutha kuyang'anira momwe mukubweza mu gawo la "Kutsitsa".
Kufikira pachiwonetsero chamasiku 7
Ndiroleni ndikusungitseni nthawi yomweyo kuti uku si kuyesa kwathunthu, koma kungofikira kwakanthawi kolowera pachiwonetsero kuti mudziwe mawonekedwe ake ndikusaka zambiri. Kuyesa kwathunthu kudzakhala ndi deta yokhudzana ndi kampani inayake ndipo kumafuna ntchito ya katswiri.
Tsamba lachiwonetsero likhala ndi:
- Zitsanzo za zidziwitso za madera achinyengo, mbiri yodziwika, ndi zofooka za zomangamanga;
- fufuzani pamasamba a darknet, mabwalo aumbanda, ma feed ndi zina zambiri;
- Mbiri 200 zowopseza za cyber, zida ndi kampeni.
Mutha kupeza izi .
Zolemba za sabata ndi podcast
M'manyuzipepala sabata iliyonse mutha kulandira chidule chachidule cha zambiri zogwirira ntchito komanso zomwe zachitika posachedwa sabata yatha. Mutha kumveranso podcast .
Kuti muwunikire gwero, Digital Shadows imagwiritsa ntchito mawu abwino kuchokera ku matrices awiri, kuwunika kukhulupirika kwa magwero ndi kudalirika kwa zomwe adalandira kuchokera kwa iwo.
Nkhaniyi idalembedwa motengera ''.
Ngati yankho likukukhudzani, mutha kulumikizana nafe - kampaniyo , wogawa Digital Shadows_. Zomwe muyenera kuchita ndikulemba mu fomu yaulere pa .
Olemba: ΠΈ .
Source: www.habr.com