智慧安全基数据和情报对抗.ppt

NSFOCUE 智慧安全-基于数据和情报的对抗 RSAC2015热点研讨会 赵粮博士,首席技术官,绿 盟科技 2015.06.05 2015  NSFOCUE 2015 y HRSC Havio MUE WLN s w er TRUST STUDY LESSONS CYBERSECURITY OFTWARE : CYBERMLEWIARE画 RSKd咖 THREAT MOBILE PROACH NEW USING MANAGEMEN ENTERPRISE WORLD BULDING PROTECTING THINGS DEFENSE CONTROL FUTURE EN UTHENTICATION 随邮 ANALYTICS PRIVACY LEARNNG CESNCE INTERNET DENTITY DATAE BREACH ANALYSIS CRI t aDrHughThampson 23 Tt RSAConterence2015 C 2015 NSFOCUS, blog. nsfocus ne  NSFOCUE 2008 ligen Defense Case -Technology using strategies Implementing_Control Software nformation sLaw Access Electronic World3 Challen dentity rotection Vulnerabilities Authentication Management Dataamlrm Threat New enterprises federated Service Network Complia 5 Websstandards Attacks yu-sreal Bank nfrastructure Application C 2015 NSFOCUS, blog. nsfocus ne  RSA201话题热度 NSFOCUE 10 0 STⅨ支持厂商(产品)达到40个,用户社区10 blog. nsfocus. net  NSFOCUE AND WHAT HE D真N0 ABOUT IT ternet of S uTURE o Smart Factory Internet of Things MARC GOODMAN C 2015 NSFOCUS, blog. nsfocusne  云物大移-“智能 NSFOCUE Thats a microphone l TRSAC And, it,s patented technology 〓會 OPLING AN ELETRNC SKIN TATTDO LO A MOBILE COMDANICALON DEVAE Hf S (ow Te Source: uspto. gov C 2015 NSFOCUS, blog. nsfocus. net  攻击链及其攻防思想 NSFOCUE COMMITTEE ON COMMERCE Intrusion Kill Chains SCIENCE,AND TRANSPORTATION Frc y Hutcalrs Michel I Cipeert Hone M Amin, Ph.D. A“ Kill Chain” Analysis of the 2013 的,, tErm API.e的d Target Data Breach MAJORITY STAFF REPORT FOR CHAIRMAN ROCKEFELLER blog. nsfocus. net  攻击链及其攻防思想一防护者的困境 NSFOCUE 口“攻防经济学”当前有利于攻方 口攻击者广泛灵活的使用“欺骗”社工” 口防护方士气低落,“最低价”采购,管理层不懂行,行为受 限,….“最弱”的链条防不胜防 口攻击者在暗处,防护者在明处 Targets Possible Missed Opportunities successfully maneuvered into the networks most sensitive areas Target missed information @20 blog. nsfocus. net  攻击链及其攻防思想-建立结构化纵深学 NSFOCUE 口充分理解攻击者的行为,将攻击行为结构化,针对性的建立具备结 构化纵深的防护模型,指导威胁分析,大大提高了“可操作性 口将检测和缓解行动提前,不给攻击者“一招制敌的机会 口每次攻击尝试都