December 2018
Intermediate to advanced
280 pages
4h 16m
Japanese
Content preview from インテリジェンス駆動型インシデントレスポンス ―攻撃者を出し抜くサイバー脅威インテリジェンスの実践的活用法
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
3章インシデント対応の基礎
“We now see hacking taking place by foreign governments and by private individuals all around the world.”
われわれは、外国政府と世界中の民間人からハッキング攻撃を受けている事実を理解している。
─Mike Pompeo(第24代CIA長官 マイク・ポンペオ)
インテリジェンスは、インテリジェンス駆動型インシデント対応というパズルの半分に過ぎません。インシデント対応技術はスパイ技術ほど古くはありません。しかし、過去40年間で急速に主要な技術分野として発展しました。インシデント対応は、(単一のシステム、あるいはネットワーク全体に関わらず)侵入を特定し、侵入を正確に理解するために必要な情報を集め、攻撃者を排除する計画を策定し、実行するという一連のプロセスを網羅しています。
侵入検知とインシデント対応は共通した特徴がたくさんあり、ともに抽象的な概念として取り扱われます。侵入検知やインシデント対応は複雑なトピックであるため、サイクルやモデルとして抽象化し、単純化して考えるようになりました。これらのモデルは、防御側と攻撃側の複雑なやり取りを理解し、インシデントの対応方法を計画するうえで必要な基礎を提供します。インテリジェンスサイクルと同様、モデルは完璧ではなく、またいつでも応用できるとは限りません。しかし、攻撃者の侵入や防御側の対応プロセスを理解するためのフレームワークを提供します。
2章と同じく、3章は最も重要なモデルの紹介をした後、より具体的なモデルの解説をしていきます。その後、一般的な防御策を取り上げ、本書で今後利用するインテリジェンスとオペレーションの統合モデルを紹介します。 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.