I-ProHoster > Π‘Π»ΠΎΠ³ > Ukuphatha > I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi
Umthombo: Acunetix

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlaselwa kwangempela ukuze kuhlolwe ukuphepha kwe-cybersecurity kwezinhlelo. I-"Red Team" iyiqembu ama-pentesters (ochwepheshe abenza ukuhlolwa kokungena ohlelweni). Bangaqashwa ngaphandle noma abasebenzi benhlangano yakho, kodwa kuzo zonke izimo indima yabo iyafana - ukulingisa izenzo zabahlaseli bese uzama ukungena ohlelweni lwakho.

Kanye "namaqembu abomvu" ku-cybersecurity, kukhona idlanzana labanye. Isibonelo, i-Blue Team isebenza ndawonye ne-Red Team, kodwa imisebenzi yayo ihloselwe ukuthuthukisa ukuvikeleka kwengqalasizinda yesistimu kusukela ngaphakathi. Ithimba Le-Purple liyisixhumanisi, lisiza amanye amaqembu amabili ekwakheni amasu okuhlasela nokuzivikela. Kodwa-ke, ukwenza kabusha isikhathi kungenye yezindlela ezingaqondakali kakhulu zokuphatha ukuphepha ku-inthanethi, futhi izinhlangano eziningi zisanqikaza ukwamukela lo mkhuba.
Kulesi sihloko, sizochaza ngokuningiliziwe ukuthi yini elele ngemuva komqondo we-Red Teaming, nokuthi ukuqaliswa kwezinqubo zokulingisa eziyinkimbinkimbi zokuhlasela kwangempela kungasiza kanjani ukuthuthukisa ukuphepha kwenhlangano yakho. Inhloso yalesi sihloko ukukhombisa ukuthi le ndlela ingakhuphula kanjani kakhulu ukuphepha kwezinhlelo zakho zolwazi.

Ukubuka konke Kweqembu Elibomvu

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi

Nakuba esikhathini sethu, amaqembu "obomvu" kanye "oluhlaza okwesibhakabhaka" ahlotshaniswa ngokuyinhloko nomkhakha wezobuchwepheshe bolwazi kanye ne-cybersecurity, le mibono yasungulwa ngamasosha. Ngokuvamile, kwakusebuthweni lapho ngaqala ukuzwa ngale miqondo. Ukusebenza njengomhlaziyi we-cybersecurity ngeminyaka yawo-1980 kwakuhluke kakhulu kunanamuhla: ukufinyelela kumasistimu ekhompyutha abethelwe kwakukhawulelwe kakhulu kunanamuhla.

Uma kungenjalo, ulwazi lwami lokuqala lwemidlalo yempiβ€”ukulingisa, ukulingisa, nokusebenzelanaβ€”kwakufana kakhulu nenqubo yanamuhla yokulingisa ukuhlasela eyinkimbinkimbi, ethole indlela yayo ekuvikelekeni kwe-inthanethi. Njengamanje, ukunakwa okukhulu kwakhokhelwa ukusetshenziswa kwezindlela zobunjiniyela bezenhlalakahle ukuze bakholise abasebenzi ukuthi banikeze "isitha" ukufinyelela okungalungile ezinhlelweni zempi. Ngakho-ke, nakuba izindlela zobuchwepheshe zokulingisa ukuhlasela sezithuthuke kakhulu kusukela ngeminyaka yama-80s, kuyaphawuleka ukuthi amathuluzi amaningi ayinhloko wendlela yokuphikisana, futhi ikakhulukazi amasu obunjiniyela bezenhlalo, ikakhulukazi azimele.

Inani eliyinhloko lokulingisa okuyinkimbinkimbi kokuhlaselwa kwangempela nalo alikashintshi kusukela ngeminyaka yama-80s. Ngokulingisa ukuhlasela kwamasistimu akho, kulula kuwe ukuthi uthole ubungozi futhi uqonde ukuthi zingaxhashazwa kanjani. Futhi nakuba ukuhlela kabusha kwakuvame ukusetshenziswa kakhulukazi izigebengu zezigqoko ezimhlophe nochwepheshe be-cybersecurity abafuna ubungozi ngokuhlolwa kokungena, manje sekusetshenziswe kakhulu ekuvikelekeni kwe-inthanethi nasebhizinisini.

Ukhiye wokwenza kabusha isikhathi ukuqonda ukuthi awukwazi ngempela ukuthola umuzwa wokuvikeleka kwamasistimu akho aze ahlaselwe. Futhi esikhundleni sokuzibeka engcupheni yokuhlaselwa abahlaseli bangempela, kuphephe kakhulu ukulingisa ukuhlasela okunjalo ngomyalo obomvu.

I-Red Teaming: sebenzisa amacala

Indlela elula yokuqonda izisekelo zokuphinda usebenzise isikhathi ukubheka izibonelo ezimbalwa. Nazi ezimbili zazo:

  • Isimo 1. Cabanga ukuthi isayithi lesevisi yamakhasimende lingenisiwe futhi lahlolwa ngempumelelo. Kubonakala sengathi lokhu kusikisela ukuthi yonke into ihlelekile. Kodwa-ke, kamuva, esifanisweni sokuhlasela esiyinkimbinkimbi, ithimba elibomvu lithola ukuthi nakuba uhlelo lokusebenza lwesevisi yekhasimende ngokwalo lulungile, isici sengxoxo yenkampani yangaphandle asikwazi ukukhomba abantu ngokunembile, futhi lokhu kwenza kube nokwenzeka ukukhohlisa abamele isevisi yamakhasimende ukuba bashintshe ikheli labo le-imeyili. .ku-akhawunti (njengomphumela wokuthi umuntu omusha, umhlaseli, angakwazi ukufinyelela).
  • Isimo 2. Njengomphumela wokuhlolwa, zonke i-VPN nezilawuli zokufinyelela kude zitholwe zivikelekile. Kodwa-ke, ummeleli "weqembu elibomvu" udlula ngokukhululekile edeskini lokubhalisa futhi akhiphe i-laptop yomunye wabasebenzi.

Kuzo zombili lezi zimo ezingenhla, "ithimba elibomvu" alihloli kuphela ukwethembeka kwesistimu ngayinye, kodwa futhi lonke uhlelo lulonke ngobuthakathaka.

Ubani Odinga Ukulingiswa Kokuhlasela Okuyinkimbinkimbi?

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi

Ngamafuphi, cishe noma iyiphi inkampani ingazuza ngokufakwa kabusha kwesikhathi. Njengoba kukhonjisiwe kumbiko wethu we-Global Data Risk Report ka-2019., inani elikhulu ngokuthusayo lezinhlangano lingaphansi kwenkolelo engamanga yokuthi zinokulawula okuphelele kudatha yazo. Sithole, isibonelo, ukuthi ngokwesilinganiso u-22% wamafolda enkampani atholakala kubo bonke abasebenzi, nokuthi u-87% wezinkampani unamafayela abucayi aphelelwe yisikhathi angaphezu kuka-1000 kumasistimu azo.

Uma inkampani yakho ingekho embonini yezobuchwepheshe, kungase kungabonakali sengathi ukwenza kabusha isikhathi kuzokuzuzisa kakhulu. Kodwa akunjalo. I-Cybersecurity ayiphathelene nokuvikela ulwazi oluyimfihlo kuphela.

Abenzi bobubi bazama ngokulinganayo ukubamba ubuchwepheshe kungakhathaliseki umkhakha wemisebenzi yenkampani. Isibonelo, bangase bafune ukufinyelela kunethiwekhi yakho ukuze bafihle izenzo zabo zokuthatha enye isistimu noma inethiwekhi kwenye indawo emhlabeni. Ngalolu hlobo lokuhlasela, abahlaseli abayidingi idatha yakho. Bafuna ukuthelela amakhompyutha akho ngohlelo olungayilungele ikhompuyutha ukuze baguqule isistimu yakho ibe yiqembu lama-botnet ngosizo lwabo.

Ezinkampanini ezincane, kungaba nzima ukuthola izinsiza ongazisebenzisa. Kulokhu, kunengqondo ukuphathisa le nqubo konkontileka bangaphandle.

Iqembu Elibomvu: Izincomo

Isikhathi esilungile nemvamisa yokwenza kabusha incike emkhakheni osebenza kuwo kanye nokuvuthwa kwamathuluzi akho okuphepha ku-inthanethi.

Ikakhulukazi, kufanele ube nemisebenzi ezenzakalelayo efana nokuhlola impahla nokuhlaziywa kokuba sengozini. Inhlangano yakho kufanele futhi ihlanganise ubuchwepheshe obuzenzakalelayo nokwengamela komuntu ngokwenza njalo ukuhlola okugcwele kokungena.
Ngemva kokuqeda imijikelezo eminingana yebhizinisi yokuhlola ukungena nokuthola ukukhubazeka, ungaqhubekela ekulingiseni okuyinkimbinkimbi kokuhlasela kwangempela. Kulesi sigaba, ukwenza kabusha isikhathi kuzokulethela izinzuzo ezibonakalayo. Kodwa-ke, ukuzama ukukwenza ngaphambi kokuba ube nezisekelo zokuvikeleka kwe-inthanethi ngeke kulethe imiphumela ebonakalayo.

Ithimba lezigqoko ezimhlophe cishe lingakwazi ukufaka engozini isistimu engalungiselelwe ngokushesha futhi kalula kangangokuthi uthole ulwazi oluncane kakhulu ukuze wenze esinye isinyathelo. Ukuze kube nomthelela wangempela, ulwazi olutholwe "ithimba elibomvu" kufanele luqhathaniswe nokuhlolwa kokungena kwangaphambilini kanye nokuhlolwa kokuba sengozini.

Kuyini ukuhlola ukungena?

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi

Ukulingisa okuyinkimbinkimbi kokuhlasela kwangempela (i-Red Teaming) kuvame ukudideka ukuhlolwa kokungena (pentest), kodwa lezi zindlela ezimbili zihluke kancane. Ngokunembayo, ukuhlolwa kokungena kungenye yezindlela zokubuyisela isikhathi.

Iqhaza LePentester kuchazwe kahle. Umsebenzi wamapentester uhlukaniswe izigaba ezine eziyinhloko: ukuhlela, ukutholwa kolwazi, ukuhlasela, kanye nokubika. Njengoba ubona, ama-pentesters enza okungaphezu nje kokubheka ubungozi besoftware. Bazama ukuzifaka ezicathulweni zabaduni, futhi lapho bengena ohlelweni lwakho, umsebenzi wabo wangempela uqala.

Bathola ubungozi bese benza ukuhlasela okusha okusekelwe kulwazi olutholiwe, behamba ngesigaba sefolda. Yilokhu okuhlukanisa abahloli bokungena kulabo abaqashwe kuphela ukuze bathole ubungozi, kusetshenziswa isofthiwe yokuskena imbobo noma ukutholwa kwegciwane. I-pentester enolwazi inganquma:

  • lapho abaduni bengaqondisa khona ukuhlasela kwabo;
  • indlela abaduni abazohlasela ngayo;
  • Ukuzivikela kwakho kuzoziphatha kanjani?
  • izinga lokuphulwa okungenzeka.

Ukuhlolwa kokungena kuhloselwe ukuhlonza ubuthakathaka ezingeni lesicelo kanye nenethiwekhi, kanye namathuba okunqoba izithiyo zokuphepha zomzimba. Nakuba ukuhlola okuzenzakalelayo kungase kwembule ezinye zezinkinga zokuphepha ku-inthanethi, ukuhlola ukungena mathupha nakho kucabangela ukuba sengozini kwebhizinisi ekuhlaselweni.

I-Red Teaming vs. ukuhlola ukungena

Ngokungangabazeki, ukuhlola ukungena kubalulekile, kodwa kuyingxenye eyodwa kuphela yochungechunge lonke lwemisebenzi yokuhlela kabusha. Imisebenzi "yeqembu elibomvu" inemigomo ebanzi kakhulu kunaleyo yama-pentesters, ngokuvamile afuna ukuthola ukufinyelela kunethiwekhi. Ukwenza kabusha ngokuvamile kuhilela abantu abaningi, izinsiza kanye nesikhathi njengoba ithimba elibomvu lijula ​​ukuze liqonde ngokugcwele izinga langempela lengozi nokuba sengozini kwezobuchwepheshe kanye nempahla yomuntu nengokwenyama yenhlangano.

Ngaphezu kwalokho, kukhona nezinye umehluko. I-Redtiming ngokuvamile isetshenziswa izinhlangano ezinezinyathelo ezivuthiwe nezithuthukisiwe ze-cybersecurity (yize lokhu kungahlali kunjalo ekusebenzeni).

Ngokuvamile lezi izinkampani esezivele zenze ukuhlola ukungena futhi zalungisa ubungozi obuningi obutholakele futhi manje zifuna umuntu ongazama futhi ukufinyelela ulwazi olubucayi noma aphule ukuvikela nganoma iyiphi indlela.
Yingakho ukwenza kabusha isikhathi kuncike ethimbeni lochwepheshe bezokuphepha eligxile ekuhlosweni okuthile. Baqondise ubungozi bangaphakathi futhi basebenzise kokubili izindlela zobunjiniyela bezenhlalo zikagesi nezomzimba kubasebenzi benhlangano. Ngokungafani nama-pentesters, amaqembu abomvu athatha isikhathi sawo phakathi nokuhlasela kwawo, efuna ukugwema ukutholwa njengobugebengu bangempela be-inthanethi.

Izinzuzo ze-Red Teaming

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi

Kunezinzuzo eziningi ekulingiseni okuyinkimbinkimbi kokuhlaselwa kwangempela, kodwa okubaluleke kakhulu, le ndlela ikuvumela ukuthi uthole isithombe esiphelele sezinga le-cybersecurity yenhlangano. Inqubo evamile yokuhlasela elungisiwe yokuphela izofaka ukuhlola ukungena (inethiwekhi, uhlelo lokusebenza, iselula, nenye idivayisi), ubunjiniyela bokuxhumana nabantu (bukhoma kusayithi, amakholi wefoni, i-imeyili, noma imilayezo ebhaliwe nengxoxo), kanye nokungena ngokomzimba. (ukugqekeza izingidi, ukuthola izindawo ezifile zamakhamera okuphepha, ukweqa izinhlelo zokuxwayisa). Uma kukhona ubungozi kunoma iyiphi yalezi zici zesistimu yakho, izotholakala.

Uma ubungozi butholakele, bungalungiswa. Inqubo yokulingisa ephumelelayo yokuhlasela ayigcini ngokutholwa kobungozi. Uma amaphutha okuvikela esebonakale ngokucacile, uzofuna ukusebenzela ukuwalungisa futhi uwahlole kabusha. Eqinisweni, umsebenzi wangempela uvamise ukuqala ngemva kokungenela kweqembu elibomvu, lapho uhlaziya ukuhlasela futhi uzama ukunciphisa ubungozi obutholakele.

Ngokungeziwe kulezi zinzuzo ezimbili eziyinhloko, ukwenza kabusha isikhathi kunikeza ezinye eziningi. Ngakho, "ithimba elibomvu" lingakwazi:

  • ukuhlonza ubungozi kanye nokuba sengozini ekuhlaselweni kwezimpahla ezibalulekile zolwazi lwebhizinisi;
  • belingisa izindlela, amaqhinga kanye nezinqubo zabahlaseli bangempela endaweni enengozi elinganiselwe futhi elawulwayo;
  • Hlola ikhono lenhlangano yakho lokuthola, ukuphendula, nokuvimbela izinsongo eziyinkimbinkimbi, eziqondiwe;
  • Khuthaza ukubambisana okuseduze neminyango yezokuphepha kanye namathimba aluhlaza ukuze kuhlinzekwe ngokunciphisa okubalulekile futhi kwenziwe imihlangano yokucobelelana ngolwazi ebanzi kulandela ubungozi obutholakele.

Isebenza kanjani i-Red Teaming?

Indlela enhle yokuqonda ukuthi ukuhlela kabusha kusebenza kanjani ukubheka ukuthi kuvamise ukusebenza kanjani. Inqubo evamile yokulingisa ukuhlasela okuyinkimbinkimbi inezigaba eziningana:

  • Inhlangano iyavumelana "nethimba elibomvu" (ngaphakathi noma ngaphandle) ngenhloso yokuhlasela. Isibonelo, umgomo onjalo kungaba ukubuyisa ulwazi olubucayi kusuka kuseva ethile.
  • Khona-ke "ithimba elibomvu" lenza ukuqaphela okuhlosiwe. Umphumela uwumdwebo wezinhlelo eziqondiwe, okuhlanganisa izinsiza zenethiwekhi, izinhlelo zokusebenza zewebhu, nezingosi zezisebenzi zangaphakathi. .
  • Ngemva kwalokho, ubungozi buyaseshwa kusistimu eqondiwe, evamise ukusetshenziswa kusetshenziswa ubugebengu bokweba imininingwane ebucayi noma ukuhlasela kwe-XSS. .
  • Uma amathokheni okufinyelela etholiwe, ithimba elibomvu liwasebenzisela ukuphenya ubungozi obengeziwe. .
  • Uma kutholwa obunye ubungozi, "ithimba elibomvu" lizofuna ukukhulisa izinga labo lokufinyelela ezingeni elidingekayo ukuze kuzuzwe umgomo. .
  • Lapho uthola ukufinyelela kudatha eqondiwe noma impahla, umsebenzi wokuhlasela ubhekwa njengoqediwe.

Eqinisweni, uchwepheshe weqembu elibomvu onolwazi uzosebenzisa inombolo enkulu yezindlela ezahlukahlukene ukuze adlule kulesi sinyathelo ngasinye. Kodwa-ke, okubalulekile okuthathwe kulesi sibonelo esingenhla ukuthi ubuthakathaka obuncane kumasistimu angawodwana bungase buphenduke ukwehluleka okuyinhlekelele uma kuhlanganiswe ndawonye.

Yini okufanele icatshangelwe lapho kukhulunywa "ngeqembu elibomvu"?

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi

Ukuze uthole okuningi ekusetshenzisweni kabusha kwesikhathi, udinga ukulungiselela ngokucophelela. Amasistimu nezinqubo ezisetshenziswa inhlangano ngayinye zihlukile, futhi izinga lekhwalithi lokuphinda lifinyelelwe uma kuhloswe ngalo ukuthola ubungozi kumasistimu akho. Ngenxa yalesi sizathu, kubalulekile ukucabangela izici eziningana:

Yazi ukuthi yini oyifunayo

Okokuqala, kubalulekile ukuqonda ukuthi yiziphi izinhlelo nezinqubo ofuna ukuzihlola. Mhlawumbe uyazi ukuthi ufuna ukuhlola uhlelo lwewebhu, kodwa awuqondi kahle ukuthi lisho ukuthini ngempela nokuthi amanye amasistimu ahlanganiswe nezinhlelo zakho zokusebenza zewebhu. Ngakho-ke, kubalulekile ukuthi ube nokuqonda okuhle kwezinhlelo zakho siqu futhi ulungise noma yikuphi ukukhubazeka okusobala ngaphambi kokuqala ukulingisa okuyinkimbinkimbi kokuhlasela kwangempela.

Yazi inethiwekhi yakho

Lokhu kuhlobene nesincomo sangaphambilini, kodwa kumayelana nezici zobuchwepheshe zenethiwekhi yakho. Uma ukwazi ukulinganisa indawo yakho yokuhlola kangcono, yilapho ithimba lakho elibomvu lizonemba kakhudlwana futhi licacise.

Yazi Ibhajethi Yakho

Ukwenza kabusha isikhathi kungenziwa ngamaleveli ahlukene, kodwa ukulingisa uhla olugcwele lokuhlasela kunethiwekhi yakho, okuhlanganisa ubunjiniyela bomphakathi kanye nokungena ngokomzimba, kungabiza kakhulu. Ngenxa yalesi sizathu, kubalulekile ukuqonda ukuthi yimalini ongayisebenzisa kusheke elinjalo futhi, ngokufanele, uchaze ububanzi balo.

Yazi izinga lakho lobungozi

Ezinye izinhlangano zingase zibekezelele izinga eliphezulu lobungozi njengengxenye yezinqubo zabo zebhizinisi ezijwayelekile. Abanye bazodinga ukukhawulela izinga labo lobungozi ngezinga elikhulu kakhulu, ikakhulukazi uma inkampani isebenza embonini elawulwa kakhulu. Ngakho-ke, lapho wenza ukuhlela kabusha isikhathi, kubalulekile ukugxila ezingozini ezibeka ingozi ngempela ebhizinisini lakho.

Iqembu Elibomvu: Amathuluzi Namaqhinga

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi

Uma isetshenziswe ngendlela efanele, "ithimba elibomvu" lizokwenza ukuhlasela okugcwele kumanethiwekhi akho lisebenzisa wonke amathuluzi nezindlela ezisetshenziswa abaduni. Phakathi kwezinye izinto, lokhu kuhlanganisa:

  • Ukuhlolwa Kokungena Kwesicelo - ihlose ukuhlonza ubuthakathaka ezingeni lesicelo, njengokukhohlisa kwezicelo zesizindalwazi, amaphutha okufakwa kwedatha, ukuphathwa kweseshini okubuthakathaka, nokunye okuningi.
  • Ukuhlola Ukungena Kwenethiwekhi - ihlose ukuhlonza ubuthakathaka ezingeni lenethiwekhi nesistimu, okuhlanganisa ukulungisa kabi, ubungozi benethiwekhi engenantambo, amasevisi angagunyaziwe, nokuningi.
  • Ukuhlolwa kokungena ngokomzimba β€” ukuhlola ukusebenza kahle, kanye namandla nobuthakathaka bezilawuli zokuphepha ngokomzimba empilweni yangempela.
  • ubunjiniyela bezenhlalakahle - ihlose ukuxhaphaza ubuthakathaka babantu kanye nemvelo yomuntu, ukuhlola ukuthambekela kwabantu ekukhohliseni, ukuncenga kanye nokukhohlisa ngama-imeyili obugebengu bokweba imininingwane ebucayi, izingcingo nemiyalezo yombhalo, kanye nokuthintana ngokomzimba ngaso leso sikhathi.

Konke lokhu okungenhla kuyizingxenye zokuhlela kabusha isikhathi. Ukulingisa okugcwele, okunezendlalelo okuklanyelwe ukucacisa ukuthi abantu bakho, amanethiwekhi, izinhlelo zokusebenza, nezilawuli zokuphepha ezingokwenyama zingamelana kanjani nokuhlasela okuvela kumhlaseli wangempela.

Ukuthuthukiswa okuqhubekayo kwezindlela ze-Red Teaming

Imvelo yokulingisa okuyinkimbinkimbi yokuhlasela kwangempela, lapho amaqembu abomvu ezama ukuthola ubungozi obusha bokuphepha kanye namaqembu aluhlaza azama ukukulungisa, kuholela ekuthuthukisweni okuqhubekayo kwezindlela zokuhlola okunjalo. Ngenxa yalesi sizathu, kunzima ukuhlanganisa uhlu lwakamuva lwezindlela zesimanje zokuhlela kabusha, njengoba ziphelelwa yisikhathi ngokushesha.

Ngakho-ke, abaqaphi abaningi bazosebenzisa okungenani ingxenye yesikhathi sabo befunda ngobungozi obusha futhi babuxhaphaze, besebenzisa izinsiza eziningi ezinikezwa umphakathi weqembu elibomvu. Nansi edume kakhulu kule miphakathi:

  • IPentester Academy iyisevisi yokubhalisa enikeza izifundo zevidiyo eziku-inthanethi ezigxile kakhulu ekuhlolweni kokungena, kanye nezifundo ze-forensics yesistimu yokusebenza, imisebenzi yobunjiniyela bezenhlalo, kanye nolimi lokuhlanganisa ukuphepha kolwazi.
  • Vincent Yiu "u-opharetha we-cybersecurity ohlaselayo" ovame ukubhuloga mayelana nezindlela zokulingisa okuyinkimbinkimbi kokuhlasela kwangempela futhi ungumthombo omuhle wezindlela ezintsha.
  • I-Twitter futhi ingumthombo omuhle uma ufuna ulwazi lwakamuva lokuhlela kabusha. Ungayithola ngama-hashtag #iqembu elibomvu ΠΈ #ukudlala kabusha.
  • Daniel Miessler ungomunye uchwepheshe we-redtiming onolwazi okhiqiza i-newsletter futhi i-podcast, abaholayo Iwebhusayithi futhi ubhala okuningi mayelana nezitayela zamanje zeqembu elibomvu. Phakathi kwezihloko zakhe zakamuva: "Purple Team Pentest Kusho Amaqembu Akho Abomvu Naluhlaza Ahlulekile" ΠΈ "Imiklomelo Yokuba sengcupheni nokuthi Kusetshenziswa Nini Ukuhlola Ukuba Sengozini, Ukuhlola Ukungena, Nokulingisa Ukuhlasela Okuphelele".
  • I-Swig yansuku zonke Iphephabhuku lezokuphepha kuwebhu elixhaswe ngabakwaPortSwigger Web Security. Lesi isisetshenziswa esihle sokufunda mayelana nentuthuko nezindaba zakamuva emkhakheni we-redtiming - ama-hacks, ukuvuza kwedatha, ukuxhaphazwa, ubungozi bezinhlelo zokusebenza zewebhu kanye nobuchwepheshe obusha bezokuphepha.
  • UFlorian Hansemann i-hacker yesigqoko esimhlophe kanye nomhloli wokungena ovame ukumboza amaqhinga amasha eqembu elibomvu kweyakhe iposi lebhulogi.
  • Amalebhu e-MWR ayindlela enhle, nokho enobuchwepheshe obudlulele, umthombo wezindaba zokuhlela kabusha. Bathumela okuwusizo emaqenjini abomvu amathuluzi, kanye labo Okuphakelayo kwe-Twitter iqukethe amathiphu okuxazulula izinkinga abahloli bezokuphepha ababhekana nazo.
  • Emad Shanab - Ummeli kanye "ne-hacker emhlophe". Isiphakeli sakhe se-Twitter sinezindlela eziwusizo "emaqenjini abomvu", njengokubhala imijovo ye-SQL kanye nokwenza amathokheni e-OAuth.
  • I-Mitre's Adversarial Tactics, Amaqhinga kanye Nolwazi Olujwayelekile (ATT & CK) isisekelo solwazi esikhethiwe sokuziphatha komhlaseli. Ilandelela izigaba zomjikelezo wempilo yabahlaseli nezinkundla abaziqondise.
  • I-Hacker Playbook iyinkomba yabaduni, okuthi, nakuba isindala impela, ihlanganisa amasu amaningi ayisisekelo asesenhliziyweni yokulingisa okuyinkimbinkimbi kokuhlasela kwangempela. Umbhali uPeter Kim naye unalo Okuphakelayo kwe-Twitter, lapho enikeza khona amathiphu okugebenga nolunye ulwazi.
  • I-SANS Institute ingomunye umhlinzeki omkhulu wezisetshenziswa zokuqeqesha ngokuvikeleka ku-inthanethi. Yabo Okuphakelayo kwe-TwitterIgxile kumaforensikhi edijithali kanye nokuphendula kwesigameko, iqukethe izindaba zakamuva ngezifundo ze-SANS nezeluleko ezivela kochwepheshe abangochwepheshe.
  • Ezinye zezindaba ezithakazelisa kakhulu mayelana nokwenza kabusha isikhathi zishicilelwa ku Ijenali Yeqembu Elibomvu. Kukhona ama-athikili agxile kubuchwepheshe njengokuqhathanisa i-Red Teaming nokuhlola ukungena, kanye nezindatshana zokuhlaziya ezifana ne-Red Team Specialist Manifesto.
  • Okokugcina, i-Awesome Red Teaming ngumphakathi we-GitHub onikezayo uhlu olunemininingwane kakhulu izinsiza ezinikezelwe ku-Red Teaming. Ihlanganisa cishe zonke izici zobuchwepheshe zemisebenzi yeqembu elibomvu, kusukela ekutholeni ukufinyelela kokuqala, ukwenza izenzo ezinonya, ukuqoqa nokukhipha idatha.

"Blue team" - kuyini?

I-Red Teaming iyilingisa eyinkimbinkimbi yokuhlasela. Indlela namathuluzi

Ngamaqembu amaningi anemibala eminingi, kungaba nzima ukuthola ukuthi inhlangano yakho idinga luphi uhlobo.

Okunye okungenziwa eqenjini elibomvu, futhi ikakhulukazi olunye uhlobo lweqembu olungasetshenziswa ngokuhlanganyela neqembu elibomvu, ithimba eliluhlaza okwesibhakabhaka. I-Blue Team iphinde ihlole ukuphepha kwenethiwekhi futhi ihlonze noma yibuphi ubungozi bengqalasizinda obungaba khona. Nokho, unomgomo ohlukile. Amathimba alolu hlobo ayadingeka ukuze athole izindlela zokuvikela, ukuguqula kanye nokuhlanganisa kabusha izindlela zokuzivikela ukuze enze impendulo yesigameko iphumelele kakhulu.

Njengeqembu elibomvu, ithimba elihlaza okwesibhakabhaka kufanele libe nolwazi olufanayo lwamaqhinga omhlaseli, amasu, nezinqubo ukuze lidale amasu okuphendula asekelwe kuwo. Kodwa-ke, imisebenzi yeqembu eliluhlaza okwesibhakabhaka ayigcini nje ekuvikeleni ekuhlaselweni. Kuphinde kubandakanyeke ekuqiniseni yonke ingqalasizinda yezokuphepha, kusetshenziswa, isibonelo, isistimu yokuthola ukungena kokungena (IDS) ehlinzeka ngokuhlaziywa okuqhubekayo komsebenzi ongajwayelekile nosolisayo.

Nazi ezinye zezinyathelo ezithathwa "ithimba eliluhlaza okwesibhakabhaka":

  • ukuhlolwa kwezokuphepha, ikakhulukazi ukuhlolwa kwe-DNS;
  • ukuhlaziya ilogi nenkumbulo;
  • ukuhlaziywa kwamaphakethe edatha yenethiwekhi;
  • ukuhlaziywa kwedatha yengozi;
  • ukuhlaziywa kwezinyathelo zedijithali;
  • hlehla ubunjiniyela;
  • ukuhlolwa kwe-DDoS;
  • ukuthuthukiswa kwezimo zokusebenzisa ubungozi.

Umehluko phakathi kwamaqembu abomvu naluhlaza okwesibhakabhaka

Umbuzo ojwayelekile ezinhlanganweni eziningi ukuthi yiliphi iqembu okufanele balisebenzise, ​​elibomvu noma eliluhlaza okwesibhakabhaka. Lolu daba luvame ukuhambisana nenzondo yobungane phakathi kwabantu abasebenza "ezinhlangothini ezihlukene zezivimbi." Eqinisweni, awukho umyalo owenza umqondo ngaphandle komunye. Ngakho impendulo efanele kulo mbuzo ukuthi womabili amaqembu abalulekile.

Iqembu Elibomvu liyahlasela futhi lisetshenziselwa ukuhlola ukulungela kweBlue Team ukuvikela. Kwesinye isikhathi ithimba elibomvu lingathola ubungozi iqembu eliluhlaza elikushaye indiva ngokuphelele, lapho ithimba elibomvu kufanele libonise ukuthi lezo zingozi zingalungiswa kanjani.

Kubalulekile ukuthi womabili amaqembu asebenzisane ukulwa nezigebengu zama-inthanethi ukuze kuqiniswe ukuvikeleka kolwazi.

Ngalesi sizathu, akunangqondo ukukhetha uhlangothi olulodwa kuphela noma ukutshala imali ohlotsheni olulodwa lweqembu. Kubalulekile ukukhumbula ukuthi inhloso yazo zombili izinhlangothi ukuvimbela ubugebengu be-inthanethi.
Ngamanye amazwi, izinkampani zidinga ukusungula ukubambisana kwawo womabili amaqembu ukuze zinikeze ukuhlola okuphelele - ngamalogi akho konke ukuhlasela nokuhlola okwenziwe, amarekhodi ezici ezitholiwe.

"Ithimba elibomvu" lihlinzeka ngolwazi mayelana nemisebenzi eliyenzile ngesikhathi sokuhlasela okufanisiwe, kuyilapho ithimba eliluhlaza okwesibhakabhaka linikeza ulwazi mayelana nezenzo elizithathile ukuze livale izikhala futhi lilungise ubungozi obutholakele.

Ukubaluleka kwawo womabili amaqembu angeke kubukelwe phansi. Ngaphandle kokuhlolwa kwazo okuqhubekayo kwezokuphepha, ukuhlolwa kokungena, nokuthuthukiswa kwengqalasizinda, izinkampani bezingeke zisazi isimo sokuphepha kwazo. Okungenani kuze kube yilapho idatha iputshuzwa futhi kuba sobala kabuhlungu ukuthi izinyathelo zokuphepha bezingenele.

Liyini iqembu elinsomi?

I-"Purple Team" yazalwa ngenxa yemizamo yokuhlanganisa i-Red and Blue Teams. Ithimba Elibomvu liwumqondo omkhulu kunohlobo oluhlukile lweqembu. Ibhekwa kangcono njengenhlanganisela yamaqembu abomvu naluhlaza okwesibhakabhaka. Uhlanganisa womabili amaqembu, awasize asebenze ndawonye.

Ithimba Le-Purple lingasiza amaqembu okuvikela athuthukise ukutholwa kokuba sengozini, ukutholwa kosongo, nokuqapha inethiwekhi ngokumodela ngendlela enembile izimo ezivamile zosongo nokusiza ekudaleni ukutholwa kosongo olusha nezindlela zokuvimbela.

Ezinye izinhlangano zisebenzisa i-Purple Team emisebenzini egxile ngesikhathi esisodwa echaza ngokucacile izinjongo zokuphepha, imigqa yesikhathi, nemiphumela ebalulekile. Lokhu kuhlanganisa ukuqaphela ubuthakathaka ekuhlaselweni nasekuvikeleni, kanye nokuhlonza izimfuneko zokuqeqeshwa nobuchwepheshe besikhathi esizayo.

Enye indlela manje ethola umfutho ukubuka i-Purple Team njengemodeli yemibono esebenza kuyo yonke inhlangano ukuze isize ekudaleni nasekuthuthukiseni isiko lokuvikeleka ku-inthanethi.

isiphetho

I-Red Teaming, noma ukulingisa ukuhlasela okuyinkimbinkimbi, kuyindlela enamandla yokuhlola ukuba sengozini kwezokuphepha kwenhlangano, kodwa kufanele kusetshenziswe ngokucophelela. Ikakhulukazi, ukuze uyisebenzise, ​​udinga ukuba nokwanele izindlela ezithuthukisiwe zokuvikela ukuphepha kolwaziNgaphandle kwalokho, angase angawathetheleli amathemba abekwe kuye.
Ukwenza kabusha isikhathi kungadalula ubungozi kusistimu yakho obungabazi nokuthi bukhona futhi kusize ukubulungisa. Ngokuthatha indlela ephikisanayo phakathi kwamaqembu aluhlaza nabomvu, ungakwazi ukulingisa lokho umgebengu wangempela angakwenza uma efuna ukweba idatha yakho noma ukulimaza impahla yakho.

Source: www.habr.com

Engeza amazwana