ProHoster > Ibhulogi > Ulawulo > I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo

I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo

I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo
Umthombo: Acunetix

I-Red Teaming lukulinganisa okuntsokothileyo kohlaselo lokwenyani ukuze kuhlolwe ukhuseleko lwe-cybersecurity lweenkqubo. "Iqela eliBomvu" liqela abapentesta (iingcali zenza uvavanyo lokungena kwisistim). Banokuthi baqeshwe ngaphandle okanye abasebenzi bombutho wakho, kodwa kuzo zonke iimeko indima yabo iyafana - ukulinganisa izenzo zabangeneleli kwaye uzame ukungena kwinkqubo yakho.

Kunye "namaqela abomvu" kwi-cybersecurity, kukho inani labanye. Ngokomzekelo, iQela leBlue lisebenza kunye neQela eliBomvu, kodwa imisebenzi yalo ijolise ekuphuculeni ukhuseleko lweziseko zenkqubo ukusuka ngaphakathi. Iqela lePurple likhonkco, lincedisa amanye amaqela amabini ekuphuhliseni amaqhinga okuhlasela kunye nokukhusela. Nangona kunjalo, ukubuyisela ixesha ngenye yeendlela ezingaqondwa kancinci zokulawula ukhuseleko lwe-cyber, kwaye imibutho emininzi ihlala ithandabuza ukwamkela lo mkhuba.
Kweli nqaku, siza kuchaza ngokweenkcukacha oko kulele emva kombono we-Red Teaming, kunye nendlela ukuphunyezwa kweendlela ezinzima zokulinganisa uhlaselo lokwenyani kunokunceda ukuphucula ukhuseleko lombutho wakho. Injongo yeli nqaku kukubonisa indlela le ndlela enokwandisa ngayo ukhuseleko lweenkqubo zakho zolwazi.

Red Teaming Overview

I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo

Nangona kwixesha lethu, amaqela "obomvu" kunye "oluhlaza okwesibhakabhaka" adityaniswa ngokukodwa kwintsimi yetekhnoloji yolwazi kunye nokhuseleko lwe-cybersecurity, ezi ngcamango zayilwa ngumkhosi. Ngokubanzi, kwakusemkhosini endaqala ukuva ngezi ngcamango. Ukusebenza njengomhlalutyi we-cybersecurity kwiminyaka yoo-1980 kwakwahluke kakhulu kunanamhlanje: ukufikelela kwiinkqubo zekhompyutha ezifihliweyo kwakuthintelwe kakhulu kunokuba kunjalo namhlanje.

Ngaphandle koko, amava am okuqala emidlalo yemfazwe-ukulinganisa, ukulinganisa, kunye nokusebenzisana-kwakufana kakhulu nenkqubo yanamhlanje yohlaselo oluntsonkothileyo, olufumene indlela yayo kwi-cybersecurity. Njengangoku, ingqalelo enkulu yahlawulwa ekusebenziseni iindlela zobunjineli bezentlalo ukukholisa abasebenzi ukuba banike "utshaba" ukufikelela okungafanelekanga kwiinkqubo zomkhosi. Ngoko ke, nangona iindlela zobugcisa bokulinganisa ukuhlaselwa ziqhubele phambili kakhulu ukususela kwiminyaka ye-80, kuyafaneleka ukuba uqaphele ukuba ezininzi zezona zixhobo eziphambili zendlela yokuchasa, kwaye ngokukodwa ubuchwephesha bobunjineli boluntu, ubukhulu becala buzimele.

Ixabiso eliphambili lokuxelisa okunzima kokuhlaselwa kwangempela nalo alizange litshintshe ukususela kwi-80s. Ngokulinganisa uhlaselo kwiinkqubo zakho, kulula kuwe ukuba ufumane ubuthathaka kwaye uqonde ukuba bangaxhatshazwa njani. Kwaye ngelixa ukuphinda kusetyenziswe ngokuyintloko ngabaduni abamhlophe kunye neengcali ze-cybersecurity zijonge ubuthathaka ngovavanyo lokungena, ngoku sele isetyenziswa ngokubanzi kwi-cybersecurity kunye neshishini.

Isitshixo sokubuyisela ixesha kukuqonda ukuba awukwazi ukufumana ingqiqo yokhuseleko lweenkqubo zakho de zihlaselwe. Kwaye endaweni yokuzibeka emngciphekweni wokuhlaselwa ngabahlaseli bokwenyani, kukhuselekile kakhulu ukulinganisa uhlaselo olunjalo ngomyalelo obomvu.

Iqela elibomvu: ukusetyenziswa kwamatyala

Indlela elula yokuqonda iziseko ze-redtiming kukujonga imizekelo embalwa. Nazi ezimbini zazo:

  • Imeko 1. Khawucinge ukuba indawo yenkonzo yabathengi iye yavavanywa kwaye yavavanywa ngempumelelo. Kubonakala ngathi oku kubonisa ukuba yonke into ilungile. Nangona kunjalo, kamva, kuhlaselo oluntsonkothileyo, iqela elibomvu lifumanisa ukuba ngelixa i-app yenkonzo yabathengi ngokwayo ilungile, inqaku lengxoxo yomntu wesithathu alikwazi ukuchonga ngokuchanekileyo abantu, kwaye oku kwenza ukuba kube lula ukukhohlisa abameli benkonzo yabathengi ukuba batshintshe idilesi yabo ye-imeyile. .kwi-akhawunti (njengesiphumo sokuba umntu omtsha, umhlaseli, angakwazi ukufikelela).
  • Imeko 2. Njengomphumo wokungena, zonke i-VPN kunye nolawulo lokufikelela kude lufunyenwe lukhuselekile. Nangona kunjalo, ngoko ummeli "weqela elibomvu" udlula ngokukhululekileyo kwidesksi yokubhalisa kwaye akhuphe i-laptop yomnye wabasebenzi.

Kuzo zombini ezi meko zingasentla, "iqela elibomvu" alitsheki kuphela ukuthembeka kwenkqubo nganye, kodwa nayo yonke inkqubo xa iyonke ngobuthathaka.

Ngubani ofuna ukulinganisa uhlaselo oluntsonkothileyo?

I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo

Ngamafutshane, phantse nayiphi na inkampani inokuzuza ngokubuyisela ixesha. Njengoko kubonisiwe kwiNgxelo yethu yoMngcipheko weDatha ka-2019., inani elikhulu eloyikisayo lemibutho liphantsi kwenkolelo yobuxoki yokuba inolawulo olupheleleyo kwidatha yabo. Sifumene, umzekelo, ukuba kumyinge we-22% yeefolda zenkampani ziyafumaneka kumqeshwa ngamnye, kwaye i-87% yeenkampani zineefayile ezibuthathaka eziphelelwe lixesha ezingaphezulu kwe-1000 kwiinkqubo zazo.

Ukuba inkampani yakho ayikho kumzi mveliso wetekhnoloji, isenokungabonakali ngathi ukubuyisela ixesha kwakhona kuya kukunceda kakhulu. Kodwa akunjalo. Ukhuseleko lwe-Cybersecurity alukho malunga nokukhusela ulwazi oluyimfihlo kuphela.

Abenzi bobubi bazama ngokulinganayo ukubamba itekhnoloji nokuba ithini na into eyenziwa yinkampani. Umzekelo, banokufuna ukufikelela kwinethiwekhi yakho ukuze bafihle izenzo zabo zokuthatha enye inkqubo okanye inethiwekhi kwenye indawo emhlabeni. Ngolu hlobo lohlaselo, abahlaseli abayidingi idatha yakho. Bafuna ukosulela iikhompyuter zakho nge-malware ukuze ujike inkqubo yakho ibe liqela le-botnets ngoncedo lwabo.

Kwiinkampani ezincinci, kunokuba nzima ukufumana izixhobo zokukhulula. Kule meko, kunengqiqo ukuphathisa le nkqubo kwikontraka yangaphandle.

Iqela eliBomvu: Iingcebiso

Elona xesha lifanelekileyo kunye nokuphindaphindwa kokwenziwa ngokutsha kuxhomekeke kwicandelo osebenza kulo kunye nokukhula kwezixhobo zakho zokhuseleko lwe-cybersecurity.

Ngokukodwa, kufuneka ube nemisebenzi ezenzekelayo efana nokuphononongwa kwe-asethi kunye nohlalutyo lobungozi. Umbutho wakho kufuneka kwakhona udibanise itekhnoloji ezenzekelayo kunye nokongamela komntu ngokuqhuba rhoqo uvavanyo lokungena olupheleleyo.
Emva kokugqiba imijikelo emininzi yeshishini lovavanyo lokungena kunye nokufumana ubuthathaka, unokuqhubeka nokulinganisa okuntsonkothileyo kohlaselo lokwenyani. Kweli nqanaba, ukubuyisela ixesha kwakhona kuya kukuzisela izibonelelo ezibonakalayo. Nangona kunjalo, ukuzama ukuyenza ngaphambi kokuba ube neziseko ze-cybersecurity endaweni akuyi kuzisa iziphumo ezibonakalayo.

Iqela lomnqwazi omhlophe linokuthi likwazi ukuphazamisa inkqubo engalungiswanga ngokukhawuleza kwaye kulula ukuba ufumane ulwazi oluncinane kakhulu ukuba uthathe inyathelo elongezelelweyo. Ukuze ube nefuthe lokwenyani, ulwazi olufunyenwe "liqela elibomvu" kufuneka luthelekiswe neemvavanyo zangaphambili zokungena kunye neemvavanyo zobuthathaka.

Yintoni uvavanyo lokungena?

I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo

Ukuxelisa okuyinkimbinkimbi kohlaselo lokwenyani (i-Red Teaming) ihlala ibhidaniswa nayo uvavanyo lokungena (pentest), kodwa ezi ndlela zimbini zahluke kancinane. Ngokuchaneke ngakumbi, uvavanyo lokungena yenye nje yeendlela zokubuyisela ixesha.

Indima yePentester ichazwe kakuhle. Umsebenzi wamapentesta wahlulwe wangamanqanaba amane aphambili: ukucwangcisa, ukufunyanwa kolwazi, ukuhlasela, kunye nokunika ingxelo. Njengoko ubona, i-pentesters yenza okungakumbi kunokujonga nje ubuthathaka besoftware. Bazama ukuzibeka ezicathulweni zabaduni, kwaye nje ukuba bangene kwinkqubo yakho, umsebenzi wabo wokwenyani uqala.

Bafumanisa ubuthathaka kwaye emva koko baqhube uhlaselo olutsha olusekwe kulwazi olufunyenweyo, behamba ngolawulo lwefolda. Oku koko kwahlula abavavanyi bokungena kwabo baqeshelwe kuphela ukufumana ubuthathaka, usebenzisa isoftware yokuskena izibuko okanye ukufumanisa intsholongwane. I-pentester enamava inokugqiba:

  • apho abahlaseli banokukhokelela ekuhlaseleni kwabo;
  • indlela abahlaseli abaya kuhlasela ngayo;
  • Ukuzikhusela kwakho kuya kuziphatha njani?
  • ubungakanani bolwaphulo.

Uvavanyo lokungena lugxile ekuchongeni ubuthathaka kwisicelo kunye namanqanaba enethiwekhi, kunye namathuba okunqoba imiqobo yokhuseleko lomzimba. Ngelixa uvavanyo oluzenzekelayo lunokuveza imiba ethile yokhuseleko lwe-cyber, uvavanyo lokungena ngesandla luthathela ingqalelo ukuba sesichengeni seshishini ekuhlaselweni.

Iqela eliBomvu vs. uvavanyo lokungena

Ngokungathandabuzekiyo, uvavanyo lokungena lubalulekile, kodwa yinxalenye enye yothotho lwemisebenzi yokubuyisela ixesha. Imisebenzi ye "iqela elibomvu" ineenjongo ezibanzi ngakumbi kunezo zepentesters, ezihlala zifuna ukufikelela kwinethiwekhi. I-Redteaming idla ngokubandakanya abantu abaninzi, izixhobo kunye nexesha njengoko iqela elibomvu ligrumba nzulu ukuze liqonde ngokupheleleyo inqanaba lokwenyani lomngcipheko kunye nokuba semngciphekweni kwezobuchwephesha kunye nezinto zombutho zomntu nezomzimba.

Ukongezelela, kukho ezinye iiyantlukwano. I-Redtiming idla ngokusetyenziswa yimibutho enamanyathelo aqolileyo kunye nenqanaba eliphezulu le-cybersecurity (nangona oku kungasoloko kunjalo xa kusenziwa).

Ezi ziqhelekileyo iinkampani esele zenze uvavanyo lokungena kwaye zilungise uninzi lobuthathaka obufunyenweyo kwaye ngoku zikhangela umntu onokuzama kwakhona ukufikelela kulwazi olubuthathaka okanye aphule ukhuseleko nangayiphi na indlela.
Kungenxa yoko le nto ukubuyisela ixesha kuxhomekeke kwiqela leengcali zokhuseleko ezigxile kwinjongo ethile. Bajolisa kubuthathaka bangaphakathi kwaye basebenzise iindlela zobunjineli bobuchwephesha bobuchwephesha bentlalontle kubasebenzi bombutho. Ngokungafaniyo nama-pentesters, amaqela abomvu athatha ixesha lawo ngexesha lokuhlaselwa kwawo, efuna ukunqanda ukubhaqwa njenge-cybercriminal yokwenyani.

IiNzuzo zokuSebenza ngokuBomvu

I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo

Zininzi iingenelo zokulinganisa okunzima kohlaselo lokwenyani, kodwa okona kubaluleke kakhulu, le ndlela ikuvumela ukuba ufumane umfanekiso obanzi wenqanaba le-cybersecurity yombutho. Inkqubo eqhelekileyo yokuhlasela efaniswayo yokuphela ukuya esiphelweni iya kubandakanya uvavanyo lokungena (inethiwekhi, isicelo, ifowuni ephathwayo, kunye nesinye isixhobo), ubunjineli bezentlalo (ihlala kwindawo, iifowuni, i-imeyile, okanye imiyalezo ebhaliweyo kunye nencoko), kunye nokungena emzimbeni. (ukwaphula izitshixo, ukubona iindawo ezifileyo zeekhamera zokhuseleko, iindlela zokulumkisa ezidlulayo). Ukuba kukho ubuthathaka kuyo nayiphi na imiba yesixokelelwano sakho, ziya kufunyanwa.

Nje ukuba ubuthathaka bufunyenwe, bunokulungiswa. Inkqubo yokulinganisa uhlaselo olusebenzayo ayipheli ngokufunyanwa kobuthathaka. Nje ukuba iziphene zokhuseleko zichongiwe ngokucacileyo, uya kufuna ukusebenza ekuzilungiseni kwaye uzivavanye kwakhona. Ngapha koko, umsebenzi wokwenyani udla ngokuqala emva kokungena kweqela elibomvu, xa uhlalutya uhlaselo kwaye uzame ukunciphisa ubuthathaka obufunyenweyo.

Ukongeza kwezi zibonelelo zimbini ziphambili, ukubuyisela ixesha kwakhona kubonelela ngenani lezinye. Ngoko, "iqela elibomvu" liyakwazi:

  • ukuchonga imingcipheko kunye nobuthathaka ekuhlaselweni kwii-asethi zolwazi oluphambili lweshishini;
  • ukulinganisa iindlela, amaqhinga kunye neenkqubo zabahlaseli bokwenyani kwindawo enomngcipheko olinganiselweyo nolawulwayo;
  • Vavanya amandla ombutho wakho okufumanisa, ukuphendula, kunye nokuthintela izisongelo ezintsonkothileyo, ekujoliswe kuzo;
  • Khuthaza intsebenziswano esondeleyo namasebe okhuseleko kunye namaqela aluhlaza ukubonelela ngonciphiso olubalulekileyo kunye nokuqhuba iindibano zocweyo ezibanzi emva kobuthathaka obufunyenweyo.

Isebenza njani iRed Teaming?

Indlela entle yokuqonda ukuba ukusebenza kwe-redtiming kukujonga indlela eqhele ukusebenza ngayo. Inkqubo eqhelekileyo yokulinganisa uhlaselo oluntsonkothileyo inezigaba ezininzi:

  • Umbutho uyavumelana "neqela elibomvu" (ngaphakathi okanye ngaphandle) ngenjongo yokuhlaselwa. Umzekelo, loo njongo inokuba kukufumana kwakhona ulwazi olubuthathaka kwiseva ethile.
  • Emva koko "iqela elibomvu" liqhuba ukuqwalaselwa kwakhona kwethagethi. Isiphumo ngumzobo weenkqubo ekujoliswe kuzo, kubandakanywa iinkonzo zenethiwekhi, izicelo zewebhu, kunye nee-portals zabasebenzi bangaphakathi. .
  • Emva koko, ubuthathaka bukhangelwa kwinkqubo ekujoliswe kuyo, edla ngokuphunyezwa kusetyenziswa uhlaselo lwe-phishing okanye i-XSS. .
  • Nje ukuba iithokheni zokufikelela zifunyenwe, iqela elibomvu lizisebenzisa ukuphanda ubuthathaka obungakumbi. .
  • Xa obunye ubuthathaka bufunyenwe, "iqela elibomvu" liya kufuna ukwandisa inqanaba labo lokufikelela kwinqanaba eliyimfuneko ukufezekisa injongo. .
  • Ekufumaneni ukufikelela kwidatha ekujoliswe kuyo okanye i-asethi, umsebenzi wokuhlaselwa uthathwa njengogqityiweyo.

Ngapha koko, ingcaphephe yeqela elibomvu enamava iya kusebenzisa inani elikhulu leendlela ezahlukeneyo ukufikelela kwinqanaba ngalinye kula. Nangona kunjalo, eyona nto iphambili ethathwe kulo mzekelo ungasentla kukuba ubuthathaka obuncinci kwiinkqubo zomntu ngamnye bunokujika bube bukusilela okuyintlekele ukuba bubotshelelwe kunye.

Yintoni ekufuneka iqwalaselwe xa kubhekiswa kwi "iqela elibomvu"?

I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo

Ukufumana okuninzi kwi-redtiming, kufuneka ulungiselele ngononophelo. Iinkqubo kunye neenkqubo ezisetyenziswa ngumbutho ngamnye zihlukile, kwaye umgangatho womgangatho wokubuyisela ixesha ufezekiswa xa ujolise ekufumaneni ubuthathaka kwiinkqubo zakho. Ngenxa yesi sizathu, kubalulekile ukuqwalasela inani lemiba:

Yazi into oyikhangelayo

Okokuqala, kubalulekile ukuqonda ukuba zeziphi iinkqubo kunye neenkqubo ofuna ukuzijonga. Mhlawumbi uyazi ukuba ufuna ukuvavanya usetyenziso lwewebhu, kodwa awuqondi kakuhle ukuba ithetha ukuthini kwaye zeziphi ezinye iinkqubo ezidityaniswe nezicelo zakho zewebhu. Ke ngoko, kubalulekile ukuba ube nokuqonda kakuhle kweenkqubo zakho kwaye ulungise nabuphi na ubuthathaka obucacileyo ngaphambi kokuba uqalise ukulinganisa okuntsonkothileyo kohlaselo lokwenyani.

Yazi inethwekhi yakho

Oku kuhambelana nesindululo sangaphambili, kodwa kuninzi malunga neempawu zobuchwepheshe bothungelwano lwakho. Okungcono unokulinganisa indawo yakho yokuvavanya, ichaneke ngakumbi kwaye iqela lakho elibomvu liya kuba.

Yazi Uqingqo-mali Lwakho

I-Redtiming inokwenziwa kumanqanaba ahlukeneyo, kodwa ukulinganisa uluhlu olupheleleyo lohlaselo kwinethiwekhi yakho, kubandakanywa ubunjineli bezentlalo kunye nokungena emzimbeni, kunokuba yindleko. Ngenxa yesi sizathu, kubalulekile ukuqonda ukuba yimalini onokuyisebenzisa kwitshekhi kwaye, ngokufanelekileyo, uchaze ububanzi bayo.

Yazi inqanaba lomngcipheko wakho

Eminye imibutho inokumelana nenqanaba eliphezulu lomngcipheko njengenxalenye yeenkqubo zayo zoshishino. Abanye kuya kufuneka banciphise inqanaba labo lomngcipheko ukuya kuthi ga kwinqanaba elikhulu, ngakumbi ukuba inkampani isebenza kushishino olulawulwa kakhulu. Yiyo loo nto kubalulekile ukugxila kumngcipheko obeka isoyikiso kwishishini lakho xa usenza uhlengahlengiso.

Iqela eliBomvu: Izixhobo kunye namaqhinga

I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo

Ukuba iphunyezwe ngokuchanekileyo, "iqela elibomvu" liya kwenza uhlaselo olupheleleyo kwiinethiwekhi zakho usebenzisa zonke izixhobo kunye neendlela ezisetyenziswa ngabahlaseli. Phakathi kwezinye izinto, oku kubandakanya:

  • Uvavanyo lokuNgena kweSicelo - ijolise ekuchongeni ubuthathaka kwinqanaba lesicelo, njenge-forgery yesicelo se-cross-site, iziphene zokungena kwedatha, ulawulo lweseshoni olubuthathaka, kunye nabanye abaninzi.
  • Uvavanyo lokuNgena kweNethiwekhi - ijolise ekuchongeni ubuthathaka kwinethiwekhi kunye nenqanaba lenkqubo, kubandakanywa ukungahambi kakuhle, ubuthathaka benethiwekhi engenazintambo, iinkonzo ezingagunyaziswanga, kunye nokunye.
  • Uvavanyo lokungena ngokwasemzimbeni - ukujonga ukusebenza, kunye namandla kunye nobuthathaka bolawulo lokhuseleko lomzimba kubomi bokwenyani.
  • ubunjineli bezentlalo - ijolise ekusebenziseni ubuthathaka babantu kunye nendalo yomntu, ukuvavanya ukukwazi kwabantu ukukhohlisa, ukukholisa kunye nokukhohlisa ngee-imeyile ze-phishing, iifowuni kunye nemiyalezo ebhaliweyo, kunye nokuqhagamshelana ngokomzimba kwangoko.

Zonke ezi zinto zingasentla ngamalungu okubuyisela ixesha. Luhlaselo oluvuthelweyo olugcweleyo oluyilelwe ukumisela ukuba abantu bakho, uthungelwano, usetyenziso, kunye nolawulo lokhuseleko lomzimba banokumelana njani nohlaselo lokwenyani.

Uphuhliso oluqhubekayo lweendlela ze-Red Teaming

Ubume bokulinganisa obunzima bokuhlaselwa kwangempela, apho amaqela abomvu azama ukufumana ubuthathaka obutsha bokhuseleko kunye namaqela aluhlaza okwesibhakabhaka azama ukulungisa, kukhokelela ekuphuhlisweni rhoqo kweendlela zokuhlola okunjalo. Ngenxa yesi sizathu, kunzima ukuqulunqa uluhlu oluhlaziyiweyo lweendlela zanamhlanje zokubuyisela ixesha, njengoko zikhawuleza ziphelelwe lixesha.

Ke ngoko, uninzi lwabadlali abahlaziyiweyo baya kuchitha ubuncinci bexesha labo befunda malunga nobuthathaka obutsha kwaye baxhaphaze, besebenzisa izixhobo ezininzi ezibonelelwa ngabahlali beqela elibomvu. Nazi ezona ndawo zidumileyo kolu luntu:

  • IPentester Academy yinkonzo yomrhumo enikezela ngezifundo zevidiyo ezikwi-intanethi ezijolise ikakhulu kuvavanyo lokungena, kunye nezifundo zenkqubo yophando lwenkqubo yokusebenza, imisebenzi yobunjineli bezentlalo, kunye nolwimi lwendibano yokhuseleko lolwazi.
  • Vincent Yiu "ngumqhubi we-cybersecurity okhubekisayo" ohlala ebloga malunga neendlela zokulinganisa okunzima kohlaselo lokwenyani kwaye ungumthombo olungileyo weendlela ezintsha.
  • I-Twitter ikwangumthombo olungileyo ukuba ujonge ulwazi oluhlaziyiweyo lokubuyisela ixesha. Ungayifumana ngeehashtag #redteam ΠΈ #ukudlala kwakhona.
  • UDaniel Miessler yenye ingcali enamava e-redtiming evelisa incwadana yeendaba kunye ipodcast, iinkokeli website kwaye ubhala kakhulu malunga neendlela zangoku zeqela elibomvu. Phakathi kwamanqaku akhe akutshanje: "Iqela lePentest eliPurple lithetha ukuba Amaqela akho aBomvu neBlue asiphumelelanga" ΠΈ "Imbuyekezo yokuba sesichengeni kunye nexesha lokusebenzisa uVavanyo lokuba sesichengeni, uvavanyo lokungena, kunye nokulinganisa uhlaselo olupheleleyo".
  • I-Swig yemihla ngemihla yincwadana yokhuseleko lwewebhu exhaswa yiPortSwigger Web Security. Esi sisixhobo esilungileyo sokufunda malunga nophuhliso lwamva nje kunye neendaba kwicandelo le-redtiming - ii-hacks, ukuvuza kwedatha, ukuxhaphaza, ubuthathaka besicelo sewebhu kunye nobuchwepheshe obutsha bokhuseleko.
  • UFlorian Hansemann ngumnqwazi omhlophe kunye nomvavanyi wokungena ohlala egubungela amaqhinga amatsha eqela elibomvu kuye iposti yebhlog.
  • Iilebhu ze-MWR zilungile, nangona zibuchwephesha kakhulu, umthombo weendaba zokuhlaziya ixesha. Bathumela luncedo kumaqela abomvu izixhobokunye neyabo Twitter feed iqulethe iingcebiso zokusombulula iingxaki abavavanyi bokhuseleko abajongana nazo.
  • Emad Shanab - Igqwetha kunye ne "hacker emhlophe". Ukutya kwakhe kwe-Twitter kuneendlela eziluncedo "kumaqela abomvu", njengokubhala iinaliti ze-SQL kunye nokwenza iithokheni ze-OAuth.
  • Amaqhinga ka-Mitre's Adversarial, amaqhinga kunye nolwazi oluqhelekileyo (ATT & CK) sisiseko solwazi olugciniweyo lokuziphatha komhlaseli. Ilandelela izigaba zomjikelo wobomi babahlaseli kunye namaqonga abajolise kuwo.
  • Incwadi yokudlala yeHacker sisikhokelo sabahlaseli, abathi, nangona bendala kakhulu, bagqume uninzi lweendlela ezisisiseko ezisentliziyweni yokulinganisa okuntsokothileyo kohlaselo lokwenyani. Umbhali uPeter Kim naye uye Twitter feed, apho anikezela ngeengcebiso zokuqhekeza kunye nolunye ulwazi.
  • IZiko le-SANS ngomnye umboneleli ophambili wezixhobo zoqeqesho kukhuseleko lonxibelelwano. Yabo Twitter feedIgxininise kubunzulu-lwazi bedijithali kunye nempendulo yezehlo, iqulethe iindaba zamva nje ngezifundo ze-SANS kunye neengcebiso ezivela kubasebenzi abaziingcali.
  • Ezinye zeendaba ezinomdla kakhulu malunga nokubuyisela ixesha zipapashwa kwi Ijenali yeQela eliBomvu. Kukho amanqaku agxile kwi-teknoloji efana nokuthelekisa i-Red Teaming kuvavanyo lokungena, kunye namanqaku okuhlalutya afana ne-Red Team Specialist Manifesto.
  • Okokugqibela, iQela eliBomvu elimangalisayo luluntu lweGitHub olunikezelayo uluhlu oluneenkcukacha kakhulu izixhobo ezinikezelwe kwi-Red Teaming. Ibandakanya phantse yonke imiba yobugcisa yemisebenzi yeqela elibomvu, ukusuka ekufumaneni ufikelelo lokuqala, ukwenza imisebenzi ekhohlakeleyo, ukuqokelela kunye nokukhupha idatha.

"Iqela Blue" - yintoni na?

I-Red Teaming yindlela yokulinganisa enzima yokuhlaselwa. Indlela yokusebenza kunye nezixhobo

Ngamaqela amaninzi anemibala emininzi, kunokuba nzima ukufumanisa ukuba loluphi uhlobo olufunwa ngumbutho wakho.

Enye indlela kwiqela elibomvu, kwaye ngokukodwa olunye uhlobo lweqela elinokusetyenziswa ngokubambisana neqela elibomvu, liqela eliluhlaza okwesibhakabhaka. Iqela eliBlue likwavavanya ukhuseleko lothungelwano kwaye lichonge nabuphi na ubuthathaka obunokubakho kwiziseko ezingundoqo. Noko ke, unosukelo olwahlukileyo. Amaqela alolu hlobo ayafuneka ukufumana iindlela zokukhusela, ukutshintsha kunye nokuhlanganisa iindlela zokukhusela ukwenza impendulo yesiganeko isebenze ngakumbi.

Njengeqela elibomvu, iqela elihlaza okwesibhakabhaka kufuneka libe nolwazi olufanayo lwamaqhinga omhlaseli, ubuchule, kunye neenkqubo ukwenzela ukudala izicwangciso zokuphendula ngokusekelwe kuzo. Nangona kunjalo, imisebenzi yeqela eliluhlaza okwesibhakabhaka ayiphelelanga ekukhuseleni nje kuhlaselo. Ikwabandakanyeka ekuqiniseni yonke iziseko zokhuseleko, usebenzisa, umzekelo, inkqubo yokufumanisa ukungena (IDS) enikezela uhlalutyo oluqhubekayo lomsebenzi ongaqhelekanga kunye nokukrokra.

Nanga amanye amanyathelo athathwa "iqela elibhlowu":

  • uphicotho lokhuseleko, ngakumbi uphicotho lwe-DNS;
  • uhlalutyo lwelogi kunye nememori;
  • uhlalutyo lweepakethi zedatha yenethiwekhi;
  • uhlalutyo lwedatha yomngcipheko;
  • uhlalutyo lwedijithali;
  • umva ubunjineli;
  • uvavanyo lweDDoS;
  • ukuphuhliswa kweemeko zokuphunyezwa komngcipheko.

Umahluko phakathi kwamaqela abomvu naluhlaza

Umbuzo oqhelekileyo kwimibutho emininzi kukuba leliphi iqela ekufuneka lisebenzise, ​​obomvu okanye oluhlaza okwesibhakabhaka. Lo mbandela udla ngokukhatshwa yintiyo yobuhlobo phakathi kwabantu abasebenza "kumacala ahlukeneyo emiqobo." Enyanisweni, akukho myalelo unentsingiselo ngaphandle komnye. Ngoko ke impendulo echanekileyo kulo mbuzo kukuba omabini amaqela abalulekile.

Iqela eliBomvu lihlasela kwaye lisetyenziselwa ukuvavanya ukulungela kweQela leBlue ukuzikhusela. Ngamanye amaxesha iqela elibomvu linokufumana ubuthathaka obungahoywanga ngokupheleleyo, apho iqela elibomvu kufuneka libonise indlela obo buthathaka bunokulungiswa ngayo.

Kubalulekile ukuba omabini amaqela asebenzisane ngokuchasene nabaphuli-mthetho kwi-intanethi ukomeleza ukhuseleko lolwazi.

Ngesi sizathu, akukho ngqiqweni ukukhetha icala elinye kuphela okanye utyalo-mali kuhlobo olunye lweqela. Kubalulekile ukukhumbula ukuba injongo yamaqela omabini kukuthintela ulwaphulo-mthetho kwi-intanethi.
Ngamanye amazwi, iinkampani kufuneka ziseke intsebenziswano phakathi kwala maqela omabini ukuze zibonelele ngophicotho-zincwadi olupheleleyo - kunye nelogi yazo zonke uhlaselo kunye nokuhlolwa okwenziweyo, iirekhodi zeempawu ezibhaqiweyo.

"Iqela elibomvu" libonelela ngolwazi malunga nemisebenzi abayenzayo ngexesha lokuhlaselwa okufanisiweyo, ngelixa iqela elihlaza okwesibhakabhaka linika ulwazi malunga nezenzo abazenzayo ukuze bazalise izithuba kunye nokulungisa ubuthathaka obufunyenweyo.

Ukubaluleka kwawo omabini amaqela akunakujongelwa phantsi. Ngaphandle kophicotho oluqhubekayo lokhuseleko, uvavanyo lokungena, kunye nokuphuculwa kweziseko zophuhliso, iinkampani azinakuyiqaphela imeko yokhuseleko lwazo. Ubuncinci de idatha ivuze kwaye icace kabuhlungu ukuba amanyathelo okhuseleko ayenganelanga.

Yintoni iqela elimfusa?

"Iqela lePurple" lazalwa ngenxa yeenzame zokudibanisa amaQela aBomvu kunye neBlue. Iqela eliMsombululo liyingcamango kunodidi olwahlukileyo lweqela. Ijongwa kakuhle njengendibaniselwano yamaqela abomvu naluhlaza. Uwabandakanya omabini amaqela, ewanceda asebenze kunye.

Iqela lePurple linokunceda amaqela okhuseleko aphucule ukubhaqwa kobungozi, ukufunyaniswa kwesoyikiso, kunye nokujongwa kwenethiwekhi ngokwenza imodeli echanekileyo yezoyikiso eziqhelekileyo kunye nokunceda ukuyila ubhaqo olutsha kunye neendlela zokuthintela.

Eminye imibutho isebenzisa iQela lePurple kwimisebenzi egxininiswe ngexesha elinye echaza ngokucacileyo iinjongo zokhuseleko, amaxesha, kunye neziphumo eziphambili. Oku kubandakanya ukuqaphela ubuthathaka ekuhlaselweni nasekukhuseleni, kunye nokuchonga uqeqesho lwexesha elizayo kunye neemfuno zeteknoloji.

Enye indlela yokufumana amandla ngoku kukubona iQela lePurple njengemodeli yombono esebenza kuwo wonke umbutho ukunceda ukuyila kunye nokuphucula inkcubeko yokhuseleko kwi-cybersecurity.

isiphelo

I-Red Teaming, okanye ukulinganisa uhlaselo oluntsonkothileyo, bubuchule obunamandla bokuvavanya ubuthathaka bokhuseleko lombutho, kodwa kufuneka busetyenziswe ngononophelo. Ngokukodwa, ukuyisebenzisa, kufuneka ube nokwaneleyo iindlela eziphambili zokukhusela ulwazi lokhuselekoKungenjalo, usenokungawathetheleli amathemba abekwe kuye.
Ukulungiswa kwakhona kunokutyhila ubuthathaka kwinkqubo yakho obungabazi nokuba bukhona kwaye uncede ukulungisa. Ngokuthatha indlela echaseneyo phakathi kwamaqela aluhlaza kunye nabomvu, ungalinganisa ukuba i-hacker yokwenyani iya kwenza ntoni ukuba ifuna ukuba idatha yakho okanye yonakalise impahla yakho.

umthombo: www.habr.com

Yongeza izimvo