
Threat and Vulnerability Response Best Practices.pdf

Uploaded by: 学*** ID: 187767 2024-12-26 43 pages 2.23MB

Threat & Vulnerability Response Best Practices
TRACKING & MITIGATING EMERGING THREATS

Today's Presenter
Sophia Corsetti, Product Marketing Manager
ProcessUnity, Inc. All Rights Reserved.

A Day in the Life on July 19th: CROWDSTRIKE RESPONSE
"I just got an alert about CrowdStrike. Are our vendors impacted?"
"TVR notified us this morning and we started analyzing our high-risk vendors."
"Of our 25 high-risk vendors, 13 are down due to CrowdStrike. We're reaching out now."

Today's Agenda
The State of Emerging Threats
Response Process Basics & Ideal State
Critical Components for a Mature Process
Effective & Efficient Threat & Vulnerability Response
Summary

Found Vulnerabilities Continue to Increase
Source: 2023 Threat Landscape Year in Review: If Everything is Critical, Nothing Is (Qualys)
Link: https:/

Vulnerabilities Continue to Increase
570 HIGH-RISK VULNERABILITIES IN 2023
Source: 2023 Threat Landscape Year in Review: If Everything is Critical, Nothing Is (Qualys)
Link: https:/

Vulnerabilities Follow Along
Source: CISA.gov
Link: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Emerging Threat Scenarios
Non-application associated threats (Ransomware, DDoS)
Threat Intelligence (dark web monitoring, third-party breaches, CrowdStrike)
Known Exploited Vulnerabilities (CISA KEVs)

Threat & Vulnerability Response: The Basic Process
IDENTIFY: Monitor advisories for critical vulnerabilities.
ASSESS: Scope and bulk-assess potentially affected third parties.
PRIORITIZE: Determine which third parties should be assessed.
REPORT: Capture and distribute findings and recommendations.

But It's Not So Simple
A COMPLICATED PROCESS REQUIRES NEW THINKING
Too many alerts: which ones matter?
Too many vendors: which ones are in scope?
Too many manual processes: slow and inefficient
Disrupts our "day job" assessment processes

Ultimately, Th

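This document presents best practices for third-party threat and vulnerability response, including the following key points:
1. 570 high-risk vulnerabilities were found in 2023, showing that the number of vulnerabilities continues to increase.
2. The basic threat and vulnerability response process consists of identifying, assessing, prioritizing and reporting, but the process is complex and confidence in it is lacking.
3. The ideal state for threat and vulnerability response includes complete visibility, event-based alerts, intelligent prioritization and rapid response.
4. The four critical components of modern threat and vulnerability response include AI-powered teams, a universal data core, TPRM automation and an assessment exchange.
5. Using Known Exploited Vulnerability (KEV) data, integrating NIST NVD/CISA KEV data to strengthen the threat response process.
6. Using technology footprint and industry data to risk-rank third parties and determine which vendors are most vulnerable.
7. Developing questionnaire templates based on threat metadata in order to respond to threats quickly.
8. Analyzing assessment results, comparing submitted results against preferred responses to produce a score, and creating reports of findings and beginning mitigation.
Overall, the document emphasizes the importance of automation and intelligence in improving the efficiency and effectiveness of threat and vulnerability response, and provides concrete steps and components for achieving this.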
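How can the growing number of threats and vulnerabilities be addressed effectively? How can the efficiency and effectiveness of third-party risk management be improved? How can AI and automation be used to strengthen threat response capability?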