如果我们在 CICD 中捕获到 SUNBURST 漏洞会怎样?利用 AI 增强型 DevSecOps 重写 SolarWinds 策略手册.pdf

编号:982114 PDF 24页 2.42MB 下载积分:VIP专享
下载报告请您先登录!

1、#SECTORCA BlackHatEventsWhat If We Caught SUNBURST in CI/CD?Rewriting the SolarWinds Playbook with AI-Augmented DevSecOpsAleksandr Krasnov#SECTORCA BlackHatEventsWhy?Anatomy of SUNBURST is a masterclass in evasionErosion of Trust and the Rise of Assume BreachTrust as a VulnerabilityZero TrustAI can

2、help if you use it righttraditional SIEM/EDR limitationsbehavioral anomaly detectionsthreat hunting#SECTORCA BlackHatEventsDont forget about NXThemeSUNBURSTNXTakeawayTrust=New VulnerabilityTrust in a legitimate software vendor is exploitedTrust in a legitimate maintainers token and public GitHub pro

3、file is exploitedZero Trust principles should be adoptedAdversarial Tactics:Stealth-AutomationManual and patient human operationMalicious payload used victims AI tools to perform data theftSecure AI tools,deploy AI-powered security to counter AI-driven threatsDev Pipeline=New FrontierAttacks are fas

4、ter and more destructiveInfiltrating the build environment is highly effective for wide-scale compromiseCI/CD pipelines and devs local machines are primary targets“Shift Left”is no longer a best practice,its a fundamental strategyAI-powered automation for defense-in-depthHigh-volume,automated blitz

5、that compromised thousands in a matter of hoursLong-term,low-and-slow cyber-espionage campaign#SECTORCA BlackHatEventsTimeline of SUNBURST2019 Initial Compromise&ReconSep-gained accessOct-SUNSPOT is injected,“dry run”2020Malicious Code InjectionFeb-SUNBURST is injected into SolarWinds.Orion.Core.Bus

6、inessLayer.dll fileDistributionMar-Jun-SolarWinds released multiple versions of its Orion platform containing the backdoor(e.g.,versions 2019.4 HF 5 and 2020.2)Counter-ForensicJun-attackers remove SUNSPOT implant from build serversPost-ExploitationMar-Dec-malware is affecting thousands of customers(

友情提示

1、下载报告失败解决办法
2、PDF文件下载后,可能会被浏览器默认打开,此种情况可以点击浏览器菜单,保存网页到桌面,就可以正常下载了。
3、本站不支持迅雷下载,请使用电脑自带的IE浏览器,或者360浏览器、谷歌浏览器下载即可。
4、本站报告下载后的文档和图纸-无水印,预览文档经过压缩,下载后原文更清晰。

本文(如果我们在 CICD 中捕获到 SUNBURST 漏洞会怎样?利用 AI 增强型 DevSecOps 重写 SolarWinds 策略手册.pdf)为本站 (竿头日上) 主动上传,三个皮匠报告文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知三个皮匠报告文库(点击联系客服),我们立即给予删除!

温馨提示:如果因为网速或其他原因下载失败请重新下载,重复下载不扣分。
客服
商务合作
小程序
服务号
折叠