Perhaps you know what OSINT is and have used the Shodan search engine, or you already use a Threat Intelligence Platform to prioritize IOCs from different feeds. But sometimes it is necessary to continuously look at your company from the outside and get help eliminating the incidents that are identified.
In essence, Digital Shadows complements an existing SOC or completely covers the function of monitoring the external perimeter. The ecosystem has been built since 2011, and many interesting things have been implemented under the hood. DS_ monitors the Internet, social networks and the darknet, and identifies only what matters from the entire flow of information.
Digital Shadows can detect and take down phishing domains and fake accounts on social networks; find compromised employee credentials and leaked data; identify information about cyberattacks on the company; constantly monitor the organization's public perimeter; and regularly analyze mobile applications in a sandbox.
Identifying digital risks
Every company, in the course of its activities, acquires chains of connections with customers and partners, and the data it seeks to protect becomes increasingly vulnerable, while its volume only grows.
To begin managing these risks, a company must start looking beyond its perimeter, control it, and get prompt information about changes.
Data Loss Detection (sensitive documents, employee access credentials, technical information, intellectual property).
Imagine that your intellectual property has been exposed on the Internet, or that confidential internal code has accidentally leaked into a GitHub repository. Attackers can use this data to launch more targeted cyberattacks.
Online Brand Security (phishing domains and profiles on social networks, mobile software imitating the company).
Since it is now hard to find a company without a social network presence or a similar platform for interacting with potential customers, attackers try to impersonate the company's brand. Cybercriminals do this by registering fake domains, social media accounts, and mobile apps. If a phishing or scam campaign succeeds, it can affect revenue, customer loyalty and trust.
Attack Surface Reduction (vulnerable services on the Internet perimeter, open ports, problematic certificates).
As IT infrastructure grows, the attack surface and the number of information assets keep growing. Sooner or later, internal systems, such as a database, may be accidentally published to the outside world.
DS_ will notify you of problems before an attacker can take advantage of them and highlight the highest-priority ones, analysts will recommend further actions, and you can carry out a takedown right away.
DS_ interface
You can use the solution's web interface directly or use the API.
As you can see, the analytical summary is presented as a funnel, starting from the number of mentions and ending with the real incidents obtained from various sources.
Many people use the solution as a Wikipedia with information about active attackers, their campaigns and events in the field of information security.
Digital Shadows is easy to integrate into any external system. Both notifications and REST APIs are supported for integration into your system. One can name IBM QRadar, ArcSight, Demisto, Anomali and
How to manage digital risks - 4 basic steps
Step 1: Identify Business-Critical Assets
This first step, of course, is to understand what the organization cares about most and what it wants to protect.
These can be divided into key categories:
- People (customers, employees, partners, suppliers);
- Organizations (related and service companies, general infrastructure);
- Systems and operationally critical applications (websites, portals, customer databases, payment processing systems, employee access systems or ERP applications).
When compiling this list, it is recommended to follow a simple idea: an asset should relate to the company's critical business processes or economically important functions.
Typically hundreds of resources are added, including:
- company names;
- brands/trademarks;
- IP address ranges;
- domains;
- links to social networks;
- suppliers;
- mobile applications;
- patent numbers;
- document markings;
- DLP identifiers;
- email signatures.
Tailoring the service to your needs ensures that you receive only relevant alerts. This is an iterative cycle, and users of the system will add assets as they become available, such as new project names, upcoming mergers and acquisitions, or updated web domains.
Step 2: Understanding Potential Threats
To calculate risks properly, it is necessary to understand the company's potential threats and digital risks.
- Tactics, Techniques and Procedures (TTP)
The MITRE ATT&CK framework and others help find a common language between defense and attack. Collecting information and understanding behavior across a wide range of attackers provides very useful context when defending. This lets you understand the next step in an observed attack, or build a general defense concept based on the Kill Chain.
- Attacker capabilities
An attacker will use the weakest link or the shortest path. Various attack vectors and their combinations: email, web, passive information gathering, etc.
Step 3: Monitoring for Unwanted Exposure of Digital Assets
To detect assets, it is necessary to regularly monitor a large number of sources, such as:
- Git repositories;
- Misconfigured cloud storage;
- Paste sites;
- Social media;
- Criminal forums;
- Dark web.
To get started, you can use the free utilities and techniques ranked by difficulty in the guide '
Step 4: Take Protective Measures
After receiving a notification, specific actions must be taken. We can distinguish Tactical, Operational and Strategic ones.
In Digital Shadows, every alert includes recommended actions. If it is a phishing domain or a page on a social network, you can track the status of the remediation in the "Takedowns" section.
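Steps 1 and 3 above, sketched as an added example that is not Digital Shadows code or part of the original article: a small asset register is matched against items collected from monitored sources, and each hit is labelled with one of the three risk types described earlier. The domain, IP range, DLP marker and sample items are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
import re
# Step 1: constructed asset register (placeholder values, not from the article).
ASSETS = {
    "domains": ["example-corp.com"],
    "ip_ranges": [ipaddress.ip_network("203.0.113.0/24")],
    "dlp_markers": ["EXC-CONFIDENTIAL"],
}
# Step 3: constructed items as they might arrive from monitored sources.
ITEMS = [
    {"source": "git", "text": "db_host=203.0.113.17 # EXC-CONFIDENTIAL notes"},
    {"source": "social", "text": "Support moved to examp1e-corp.com, log in there"},
    {"source": "paste", "text": "unrelated dump: 198.51.100.4 and other.org"},
    {"source": "paste", "text": "see https://example-corp.com/careers for jobs"},
]
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b")
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def edit_distance(a, b):
    """Levenshtein distance, used to spot lookalike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def triage(item, assets=ASSETS, max_distance=2):
    """Return (risk_type, evidence) findings; exact own-domain mentions are ignored."""
    text = item["text"]
    findings = [("data-loss", m) for m in assets["dlp_markers"] if m in text]
    for raw in IP_RE.findall(text):
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:  # e.g. 999.1.1.1 passes the loose regex
            continue
        if any(ip in net for net in assets["ip_ranges"]):
            findings.append(("attack-surface", raw))
    for found in DOMAIN_RE.findall(text.lower()):
        for own in assets["domains"]:
            if 0 < edit_distance(found, own) <= max_distance:
                findings.append(("brand", found))
    return findings

def funnel(items):
    """Collected mentions versus the items that produced findings."""
    flagged = [(i["source"], f) for i in items if (f := triage(i))]
    return {"collected": len(items), "flagged": len(flagged), "findings": flagged}
```

Of the four constructed items, only the Git snippet and the social media post produce findings, which mirrors the mentions-to-incidents funnel shown in the interface.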
Access to the demo portal for 7 days
Let me note right away that this is not a full-fledged trial, but only temporary access to the demo portal so that you can get familiar with its interface and search for some information. A full trial will contain data relevant to a specific company and requires the work of an analyst.
The demo portal will contain:
- Examples of alerts for phishing domains, exposed credentials, and infrastructure weaknesses;
- search across darknet pages, criminal forums, feeds and much more;
- 200 profiles of cyber threats, tools and campaigns.
You can get access at this
Weekly newsletters and podcast
In the weekly newsletter
To evaluate a source, Digital Shadows uses qualitative statements from two matrices, assessing the reliability of sources and the credibility of the information received from them.
The article is based on '
If the solution interests you, you can contact us - the company
Authors:
Source: www.habr.com