Digital Shadows - zvine hunyanzvi zvinobatsira kuderedza njodzi dzedhijitari

Zvichida unoziva chinonzi OSINT uye washandisa iyo Shodan yekutsvaga injini, kana kuti uri kutoshandisa Threat Intelligence Platform kukoshesa maIOC kubva kune akasiyana mafeed. Asi dzimwe nguva zvinodikanwa kugara uchitarisa kambani yako kubva kunze uye kuwana rubatsiro mukubvisa zviitiko zvakaonekwa. Digital Shadows inobvumidza iwe kutevedzera digital assets iyo kambani uye vaongorori vayo vanopa mazano chaiwo maitiro.

Muchidimbu, Digital Shadows inopindirana inoenderana neSOC iripo kana inovhara zvizere kushanda. yekunze perimeter tracking. Iyo ecosystem yakavakwa kubvira 2011 uye zvinhu zvakawanda zvinonakidza zvakaitwa pasi pehodhi. DS_ inotarisisa iyo Internet, social media. network uye darknet uye inozivisa chete yakakosha kubva mukuyerera kwese kweruzivo.

Mutsamba yako yevhiki nevhiki IntSum iyo kambani inopa chiratidzo chaunogona kushandisa muhupenyu hwako hwezuva nezuva source assessments uye ruzivo rwakagamuchirwa. Iwe unogonawo kuona chiratidzo pamagumo echinyorwa.

Digital Shadows inokwanisa kuona uye kudzvinyirira phishing domains, fake maakaundi pasocial network; tsvaga zvitupa zvevashandi zvakakanganisika uye data rakaburitswa, tsvaga ruzivo nezvekuuya kwekurwiswa kwecyber pakambani, gara uchitarisisa nharaunda yesangano, uye gara uchiongorora nharembozha mubhokisi rejecha.

Kuziva njodzi dzedhijitari

Kambani yega yega, mukati mekuita kwayo, inowana maketani ekubatana nevatengi uye vanobatika, uye iyo data yainotsvaga kuchengetedza inova inowedzera munjodzi, uye huwandu hwayo huri kungokura.

Kuti utange kugadzirisa njodzi idzi, kambani inofanirwa kutanga kutarisa kupfuura perimeter yayo, kuidzora, uye kuwana ruzivo rwekukurumidza nezve shanduko.

Data Loss Detection (zvinyorwa zvinonzwisisika, vashandi vanosvikika, ruzivo rwehunyanzvi, pfuma yenjere).
Fungidzira kuti chako chenjere chakafumurwa paInternet kana kuti chakavanzika kodhi yemukati yakaburitswa netsaona mugitHub repository. Vanorwisa vanogona kushandisa iyi data kutanga mamwe anonangwa cyberattacks.

Online Brand Security (phishing domains uye profiles pasocial network, mobile software inotevedzera kambani).
Sezvo zvave kunetsa kuwana kambani isina social network kana puratifomu yakafanana yekudyidzana nevangangodaro vatengi, vanorwisa vanoedza kutevedzera zita rekambani. Cybercriminals vanoita izvi nekunyoresa fake domains, social media accounts, uye mobile apps. Kana phishing / scam ikabudirira, inogona kukanganisa mari, kuvimbika kwevatengi uye kuvimba.

Attack Surface Reduction (masevhisi asina njodzi paInternet perimeter, madoko akavhurika, zvitupa zvinonetsa).
Sezvo hupfumi hweIT hunokura, nzvimbo yekurwisa uye nhamba yezvinhu zvemashoko zvinoramba zvichikura. Nenguva isipi, masisitimu emukati anogona kuburitswa netsaona kune kunze kwenyika, senge dhatabhesi.

DS_ ichakuzivisa iwe nezve matambudziko murwi asati atora mukana iwo, simbisa izvo zvinonyanya kukosha, vanoongorora vanozokurudzira zvimwe zviito, uye iwe unogona kubva watora pasi.

Interface DS_

Iwe unogona kushandisa mhinduro yewebhu interface zvakananga kana kushandisa API.

Sezvauri kuona, pfupiso yekuongorora inoratidzwa muchimiro chefaniro, kutanga kubva kunhamba yekutaura uye kupera nezviitiko chaizvo zvakagamuchirwa kubva kwakasiyana zvinyorwa.

Vanhu vazhinji vanoshandisa mhinduro seWikipedia ine ruzivo pamusoro pevanorwisa vanoshingaira, mishandirapamwe yavo uye zviitiko mumunda wekuchengetedzwa kwemashoko.

Digital Shadows iri nyore kubatanidza mune chero yekunze system. Zvose zviziviso uye REST APIs zvinotsigirwa kuti zvibatanidzwe muhurongwa hwako. Unogona kutumidza IBM QRadar, ArcSight, Demisto, Anomali uye другие.

Maitiro ekugadzirisa njodzi dzedhijitari - 4 matanho ekutanga

Danho 1: Ziva Bhizinesi Yakakosha Assets

Iri danho rekutanga, hongu, kunzwisisa izvo zvinonyanya kufarirwa nesangano uye zvarinoda kuchengetedza.

Inogona kukamurwa muzvikamu zvakakosha:

• Vanhu (vatengi, vashandi, vashandi, vatengesi);
• Masangano (ane hukama uye makambani ebasa, general infrastructure);
• Masisitimu uye anoshanda akakosha maapplication (mawebhusaiti, portals, vatengi dhatabhesi, mubhadharo wekugadzirisa masisitimu, masisitimu ekuwana vashandi kana ERP application).

Paunenge uchinyora runyorwa urwu, zvinokurudzirwa kutevedzera zano rakareruka - midziyo inofanirwa kunge yakatenderedza maitiro ebhizinesi akakosha kana mabasa akakosha ehupfumi ekambani.

Kazhinji mazana ezviwanikwa anowedzerwa, kusanganisira:

• mazita emakambani;
• mabhureki/zviratidzo;
• IP kero siyana;
• domains;
• zvinongedzo kune masocial network;
• suppliers;
• mobile applications;
• nhamba dzepatent;
• magwaro ekumaka;
• DLP IDs;
• email siginecha.

Kuchinjira sevhisi kuti ienderane nezvido zvako kunovimbisa kuti iwe unogamuchira chete chenjedzo yakakodzera. Uku kutenderera kunodzokororwa, uye vashandisi veiyo system vanozowedzera midziyo pavanenge vachiwanikwa, senge mazita matsva epurojekiti, kusangana kuri kuuya uye kutora, kana kuvandudzwa kwewebhu domain.

Danho 2: Kunzwisisa Zvinogona Kutyisidzira

Kuti uverenge zvakanyanya njodzi, zvinodikanwa kuti unzwisise zvinogona kutyisidzira uye njodzi dzedhijitari dzekambani.

1. Attacker Techniques, Tactics uye Matanho (TTP)
   Framework MITER AT&CK uye vamwe vanobatsira kuwana mutauro wakafanana pakati pekudzivirira nekurwisa. Kuunganidza ruzivo uye hunhu hwekunzwisisa pane dzakasiyana siyana dzevanorwisa zvinopa mamiriro anobatsira pakudzivirira. Izvi zvinokutendera kuti unzwisise nhanho inotevera mukurwiswa kwakacherechedzwa, kana kuvaka pfungwa yakajairika yekudzivirira yakavakirwa pa Uraya Chain.
2. Attacker kugona
   Anorwisa achashandisa chinongedzo chisina kusimba kana nzira ipfupi. Akasiyana siyana ekurwisa mavheti uye musanganiswa wawo - mail, webhu, passive ruzivo muunganidzwa, nezvimwe.

Danho rechitatu: Kutarisisa Kuonekwa Kusingadiwe Kwemidziyo Yedhijitari

Kuti uone midziyo, zvinodikanwa kugara uchitarisa huwandu hukuru hwezvinyorwa, senge:

• Git repositories;
• Kuchengetedzwa kwegore zvisina kunaka;
• Paste nzvimbo;
• Social media;
• Maforamu ehutsotsi;
• Dak web.

Kuti utange, unogona kushandisa zvemahara zvinoshandiswa uye matekiniki akaiswa nekuomerwa mugwara'A Inoshanda Nhungamiro Kuderedza Digital Risk'.

Danho rechina: Tora Matanho ekudzivirira

Pakugamuchira chiziviso, matanho chaiwo anofanira kutorwa. Tinogona kusiyanisa Tactical, Operational uye Strategic.

MuDigital Shadows, yambiro yega yega inosanganisira inokurudzirwa zviito. Kana iyi iri phishing domain kana peji pasocial network, saka unogona kuteedzera mamiriro ekubhadhara muchikamu che "Takedowns".

Kuwana kune demo portal kwemazuva manomwe

Rega ndiite chengetedzo ipapo ipapo kuti iyi haisi bvunzo yakazara, asi kungosvika kwenguva pfupi kune demo portal kuti uzvizive neyako interface uye kutsvaga rumwe ruzivo. Kuedzwa kwakazara kuchave nedata rakakodzera kune imwe kambani uye inoda basa remuongorori.

Iyo demo portal ichave ne:

• Mienzaniso yezviziviso zvephishing domains, zvakafumurwa, uye kusasimba kwezvivakwa;
• tsvaga pamapeji edarknet, maforamu ematsotsi, mafeed nezvimwe zvakawanda;
• 200 cyber kutyisidzira profiles, maturusi uye mishandirapamwe.

Unogona kuwana izvi batanidzo.

Weekly newsletters uye podcast

Mutsamba yevhiki nevhiki IntSum unogona kugamuchira pfupiso pfupi yeruzivo rwekushanda uye zviitiko zvichangoburwa svondo rapfuura. Iwe unogona zvakare kuteerera kune podcast ShadowTalk.

Kuti uongorore kunobva, Digital Shadows inoshandisa zvirevo zvemhando kubva kumamatiki maviri, kuongorora kuvimbika kwekwakabva uye kuvimbika kweruzivo rwakagamuchirwa kubva kwavari.

Chinyorwa chakanyorwa zvichibva pa 'A Inoshanda Nhungamiro Kuderedza Digital Risk'.

Kana mhinduro ichikufarira iwe, unogona kutibata isu - iyo kambani factor group, muparidzi we Digital Shadows_. Zvese zvaunofanirwa kuita kunyora nemahara fomu pa [email inodzivirirwa].

Vanyori: popov-as и dima_go.

Source: www.habr.com