当前位置:首页 >英文主页 >中英对照 > 中译版报告详情

RunZero:2024全球企业资产安全现状报告:超过半数物理设备缺乏可见性(中译版)(69页).pdf

上传人: Y**** 编号:162246 2024-05-17 69页 11.96MB

下载:

1、/Research TeamHD Moore /Rob King /Tom Sellers2024VOLUME 1 MAY 2024runZero Research Report2024P2Volume 1Table of ContentsChapter 1Introduction3Chapter 2OT&Cloud Impacts on Attack Surfaces10Chapter 3Unusual Assets Are Risky Assets19Chapter 4Some Old Enemies23Chapter 5Emerging Threats36Chapter 6Fingerp

2、rints&Snapshots45Chapter 7AI&the Need for Specificity65About runZero69In this report we share runZeros observations from our unique perspective as an applied security research team.Our goal is to provide insight into how the security landscape is changing,and recommendations on what you can do to ge

3、t ahead of these changes.Foreword by Rob King“Plus a change,plus cest la mme chose”The more things change,the more they stay the same.Jean-Baptiste Alphonse Karr,Les Gupes,1849.The only constant in information security is that this year will be different from last year.Not only will new individual t

4、hreats emerge,but entirely new classes of threats will make their debut.Some evergreen threats will finally die off,while others will roar back from oblivion.More devices(and more types of devices!)will be connected to networks,and attack surfaces will continue to grow in sophistication and scope.Wh

5、ile this may seem daunting,its also very exciting.We do not work in a boring industry,and we get to solve fascinating and complex problems every single day.runZeros research team exists to discover new and innovative ways to solve these problems and,just as importantly,identify new problems to solve

6、 tomorrow.Chapter 1IntroductionWe hope that you will find our first research report educational and possibly even entertaining.We would appreciate your feedback;if you have suggestions,questions,or comments,please reach out by email via .Rob KingDirector of Security ResearchrunZero Research Report20

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
本文是runZero研究团队发布的首份研究报告,主要内容包括: 1. 网络安全行业正在经历重大变革,由多个强大趋势和技术发展所推动,如漏洞被利用的速度达到前所未有的水平,供应商在及时为产品打补丁方面面临挑战。 2. 运营技术(OT)和信息技术(IT)网络的融合是不可避免的,为网络犯罪分子提供了新的高价值目标。 3. 远程工作成为常态,导致攻击面大幅扩大,包括个人移动设备、智能手表、会议室恒温器等。 4. 工业控制系统(ICS)设备越来越多地连接到企业IT网络,成为易受攻击的一部分。 5. 云基础设施的商品化和虚拟化意味着几乎所有组织现在都有基于云的攻击面需要保护。 6. runZero通过其Explorer软件在公共云平台上收集数据,发现大量不寻常的连接设备,如烤面包机、吸尘器、灯泡等。 7. runZero的主动扫描方法在OT环境中是安全的,通过发送尽可能少的流量,只发送设备预期收到的流量,以及逐步发现每个资产来避免可能对特定设备不安全的方法。
如何在OT环境中进行安全扫描? 为什么OT与IT的融合对攻击面有影响? 如何利用AI技术提高网络安全?
客服
商务合作
小程序
服务号
折叠