Digital Shadows - competently helps reduce digital risks

Perhaps you know what OSINT is and have used the Shodan search engine, or you already use a Threat Intelligence Platform to prioritize IOCs from different feeds. But sometimes you need to keep looking at your company from the outside and get help eliminating the incidents that are identified. Digital Shadows lets you track a company's digital assets, and its analysts recommend specific actions.

In essence, Digital Shadows complements an existing SOC or fully covers the function of monitoring the external perimeter. The ecosystem has been built up since 2011, and many interesting things have been implemented under the hood. DS_ monitors the Internet, social networks and the darknet, and picks out only what matters from the whole flow of information.

In its weekly newsletter IntSum, the company provides a chart that you can use in your day-to-day work to assess sources and the information obtained from them. You can also see the chart at the end of the article.

Digital Shadows can detect and take down phishing domains and fake accounts on social networks; find compromised employee credentials and leaked data; identify information about cyberattacks on the company; continuously monitor the organization's public perimeter; and regularly analyze mobile applications in a sandbox.

Identifying digital risks

Every company, in the course of its activities, builds up chains of connections with customers and partners. The data it wants to protect becomes more and more exposed, and its volume only grows.

To start managing these risks, a company must begin looking beyond its perimeter, keep it under control, and get prompt information about changes.

Data loss detection (sensitive documents, employee access, technical information, intellectual property).
Imagine that your intellectual property has been exposed on the Internet, or that confidential internal code has accidentally leaked to a GitHub repository. Attackers can use this data to launch targeted cyberattacks.

Online brand security (phishing domains and profiles on social networks, mobile software imitating the company).
Because it is now hard to find a company without a social network presence or a similar platform for communicating with potential customers, attackers try to impersonate the company's brand. Cybercriminals do this by registering fake domains, social media accounts and mobile apps. If a phishing or scam campaign succeeds, it can affect revenue, customer loyalty and trust.

Attack surface reduction (vulnerable services on the Internet perimeter, open ports, problematic certificates).
As IT infrastructure grows, the attack surface and the number of information assets keep growing. Sooner or later, internal systems may be accidentally published to the outside world, for example a database.

DS_ will notify you of problems before an attacker can take advantage of them and will highlight the highest-priority ones; analysts will recommend further actions, and you can carry out a takedown right away.

The DS_ interface

You can use the solution's web interface directly or use the API.

As you can see, the analytics summary is presented as a funnel, starting from the number of mentions and ending with the real incidents obtained from various sources.

Many people use the solution as a Wikipedia with information about active attackers, their campaigns and events in the field of information security.

Digital Shadows is easy to integrate into any external system. Both notifications and REST APIs are supported for integration into your system. Examples include IBM QRadar, ArcSight, Demisto, Anomali and others.

How to manage digital risks - 4 basic steps

Step 1: Identify business-critical assets

This first step is, of course, understanding what the organization cares about most and what it wants to protect.

Assets can be divided into key categories:

  • People (customers, employees, partners, suppliers);
  • Organizations (related and service companies, shared infrastructure);
  • Systems and business-critical applications (websites, portals, customer databases, payment processing systems, employee access systems or ERP applications).

When compiling this list, it is advisable to follow a simple idea: an asset should relate to critical business processes or economically important functions of the company.

Usually hundreds of resources are added, including:

  • company names;
  • brands/trademarks;
  • IP address ranges;
  • domains;
  • links to social networks;
  • suppliers;
  • mobile applications;
  • patent numbers;
  • document markings;
  • DLP identifiers;
  • email signatures.

Tailoring the service to your needs ensures that you receive only relevant alerts. This is an iterative cycle: users of the system add assets as they appear, such as new project names, upcoming mergers and acquisitions, or updated web domains.

Step 2: Understand potential threats

To calculate risks properly, you need to understand the potential threats and the company's digital risks.

  1. Tactics, Techniques and Procedures (TTP)
    The MITRE ATT&CK framework and others help find a common language between defense and attack. Collecting information and understanding behavior across a wide range of attackers provides very useful context for defense. This lets you understand the next step in an observed attack, or build a general defense concept based on the Kill Chain.
  2. Attacker capabilities
    An attacker will use the weakest link or the shortest path. Different attack vectors and their combinations: email, web, passive information gathering, etc.

Step 3: Monitor for unwanted appearances of digital assets

To detect assets, you need to regularly monitor a large number of sources, such as:

  • Git repositories;
  • Poorly configured cloud storage;
  • Paste sites;
  • Social media;
  • Crime forums;
  • Dark web.

To get started, you can use the free utilities and techniques, ranked by difficulty, in the guide 'A Practical Guide to Reducing Digital Risk'.

Step 4: Take protective measures

After receiving a notification, specific actions must be taken. We can distinguish Tactical, Operational and Strategic ones.

In Digital Shadows, each alert includes recommended actions. If it is a phishing domain or a page on a social network, you can track the status of the takedown in the "Takedowns" section.
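
A minimal sketch of steps 1 and 3 and of the mentions-to-incidents funnel, added here as an illustration; it is not Digital Shadows code and does not use its API. The asset values, the sample items and the look-alike threshold of two edits are constructed assumptions.

```python
import ipaddress
import re
# Step 1: asset register. All values are constructed placeholders.
ASSETS = {
    "domains": ["example-corp.test"],
    "ip_ranges": [ipaddress.ip_network("203.0.113.0/24")],
    "doc_markings": ["EXAMPLE-CORP INTERNAL"],
}
# Step 3: items collected from monitored sources (constructed sample data).
ITEMS = [
    ("git", "config.yml: db_host=203.0.113.17 user=svc_backup"),
    ("paste", "dump: alice@example-corp.test:Summer2020"),
    ("domain-feed", "newly registered: examp1e-corp.test"),
    ("paste", "lorem ipsum 198.51.100.9 unrelated.test"),
    ("git", "README: EXAMPLE-CORP INTERNAL - do not distribute"),
]

def edit_distance(a, b):
    """Levenshtein distance, used to spot look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def match(text):
    """Return the sorted (kind, value) asset hits found in one item."""
    low, hits = text.lower(), set()
    for tok in re.findall(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+", low):
        try:
            ip = ipaddress.ip_address(tok)
        except ValueError:  # not an IP literal, treat it as a host name
            for dom in ASSETS["domains"]:
                if tok == dom or tok.endswith("." + dom):
                    hits.add(("domain", tok))
                elif edit_distance(tok, dom) <= 2:  # assumed threshold
                    hits.add(("lookalike", tok))
        else:
            if any(ip in net for net in ASSETS["ip_ranges"]):
                hits.add(("ip", tok))
    hits.update(("marking", m) for m in ASSETS["doc_markings"] if m.lower() in low)
    return sorted(hits)

def funnel(items):
    """Reduce collected mentions to the items that touch a registered asset."""
    incidents = [(src, hits) for src, text in items if (hits := match(text))]
    return {"mentions": len(items), "incidents": len(incidents)}, incidents
```

Calling `funnel(ITEMS)` returns the summary counts together with the per-source hits, which is the input an analyst would triage in step 4.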

Access to the demo portal for 7 days

Let me say right away that this is not a full test, only temporary access to the demo portal so that you can get acquainted with its interface and search for some information. A full test would contain data relevant to a specific company and requires the work of an analyst.

The demo portal will contain:

  • Examples of alerts for phishing domains, exposed credentials and infrastructure weaknesses;
  • search across darknet pages, crime forums, feeds and much more;
  • 200 profiles of cyber threats, tools and campaigns.

You can get access via this link.

Weekly newsletter and podcast

In the weekly newsletter IntSum you can get a brief summary of operational information and the latest events of the past week. You can also listen to the ShadowTalk podcast.

To evaluate a source, Digital Shadows uses qualitative statements from two matrices, assessing the reliability of sources and the credibility of the information received from them.

The article was written based on 'A Practical Guide to Reducing Digital Risk'.

If the solution interests you, you can contact us: the company Factor Group, a distributor of Digital Shadows_. All you need to do is write in free form to [email protected].

Authors: popov-njengoko and dima_hamba.

Source: www.habr.com