8 open source security tools every cloud engineer should know

There are several helpful open source alternatives in addition to the native security solutions that cloud companies provide.

Here is a sample of eight outstanding open source security technologies.

AWS, Microsoft, and Google are a few of the cloud companies that provide a variety of native security features. Although these technologies are undoubtedly helpful, they cannot satisfy everyone's needs. As cloud development progresses, IT teams often find gaps in their ability to create and maintain workloads securely across all of these platforms. In the end, it is up to the user to close these gaps. Open source security technologies are useful in situations like these.

The most widely used open source security technologies are usually created by organizations such as Netflix, Capital One, and Lyft that have large IT teams with deep cloud expertise. Teams start these projects to address specific needs that are not met by the tools and services already available, and they open source the software in the hope that it will be useful to other businesses as well. Although it is not all-inclusive, this list of the most popular cloud security solutions on GitHub is an excellent place to start. Many of them are compatible with other cloud environments, while others are built explicitly to work with AWS, the most popular public cloud. Look at these security technologies for incident response, proactive testing, and visibility.

Cloud Custodian

AWS, Microsoft Azure, and Google Cloud Platform (GCP) environments can be managed with the help of Cloud Custodian, a stateless rules engine. With consolidated reporting and metrics, it combines several of the compliance routines that businesses use into a single platform. With Cloud Custodian you can establish rules that compare the environment against security and compliance requirements as well as cost optimization criteria. The type and group of resources to check, and the actions to take on those resources, are expressed in Cloud Custodian policies, which are defined in YAML. You can, for example, establish a policy that makes bucket encryption available on all Amazon S3 buckets. To resolve rules automatically, you can integrate Cloud Custodian with serverless runtimes and native cloud services. It was originally created and made available as free source by
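The S3 encryption case described above, written out as a policy file. This is an added example, not taken from the original article or from the Cloud Custodian project; the policy names are made up for illustration, while the `aws.s3` resource, the `bucket-encryption` filter and the `set-bucket-encryption` action are Cloud Custodian's own.

```yaml
# policy.yml -- illustrative example; policy names are hypothetical.
# Check syntax first:        custodian validate policy.yml
# Preview without changes:   custodian run --dryrun -s out policy.yml
policies:
  # 1. Audit only: list buckets that have no default encryption.
  #    With no "actions" block, a run only records matching resources
  #    in the output directory, so it is safe to schedule as a report.
  - name: s3-unencrypted-buckets-report
    resource: aws.s3
    description: Report S3 buckets without default encryption.
    filters:
      - type: bucket-encryption
        state: false

  # 2. Remediate: same filter, plus an action that turns on
  #    default server-side encryption (SSE-S3) for every match.
  - name: s3-enable-default-encryption
    resource: aws.s3
    description: Enable AES256 default encryption on unencrypted buckets.
    filters:
      - type: bucket-encryption
        state: false
    actions:
      - type: set-bucket-encryption
        enabled: true
        crypto: AES256
```

Running the report policy first shows which buckets the remediation policy would touch before any setting is changed.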

Cartography

The main draw here is the infrastructure maps that Cartography produces. This automatic graphing tool provides a visual representation of the connections between your cloud infrastructure components. This can increase the team's overall security visibility. Use this tool to create asset reports, identify potential attack vectors, and pinpoint opportunities to improve security. Engineers at Lyft built Cartography, which uses a Neo4j database. It supports a variety of AWS, G Suite, and Google Cloud Platform services.

Diffy

Diffy is a very popular triage tool for digital forensics and incident response (DFIR). Your DFIR team's job is to search your assets for any evidence the intruder left behind after your environment has already been attacked or compromised. This can require painstaking manual work. A differencing engine provided by Diffy reveals anomalous instances, virtual machines, and other resource activity. To help the DFIR team pinpoint where attackers are, Diffy tells them which resources are behaving oddly. Diffy is in its early stage of development and currently supports only Linux instances on AWS; however, its plugin architecture could enable other clouds. Netflix's Security Intelligence and Response Team created Diffy, which is written in Python.

Git-secrets

This development security tool, called Git-secrets, prevents you from storing secrets and other sensitive data in your Git repository. Any commits or commit messages that match one of your predefined, prohibited expression patterns are rejected after being scanned. Git-secrets was created with AWS in mind. It was developed by AWS Labs, which is still responsible for maintaining the project.

OSSEC

OSSEC is a security platform that combines log monitoring, security information and event management, and host-based intrusion detection. You can use it on cloud-based VMs even though it was originally designed for on-premises protection. The platform's adaptability is one of its advantages. Environments on AWS, Azure, and GCP can use it. In addition, it supports a variety of operating systems, including Windows, Linux, Mac OS X, and Solaris. In addition to agent and agentless monitoring, OSSEC provides a centralized management server for keeping track of rules across multiple platforms. OSSEC's key features include: File integrity monitoring, which detects any file or directory change on your system and notifies you. Log monitoring, which collects, examines, and notifies you of any unusual behavior across all of the logs on the system.

Rootkit detection, which notifies you if your system undergoes a rootkit-like change. When particular intrusions are detected, OSSEC can respond actively and take action immediately. The OSSEC Foundation oversees the maintenance of OSSEC.

GoPhish

For phishing simulation testing, Gophish is an open source program that lets you send emails, track them, and determine how many recipients clicked the links in your phony emails. You can also look at all of their statistics. It gives a red team a number of attack methods, including regular emails, emails with attachments, and even RubberDuckies, to test physical and digital security. Currently more than 36 phishing templates are available from the community. An AWS-based distribution pre-loaded with templates and secured to CIS standards is maintained by HailBytes.

Prowler

Prowler is a command-line tool for AWS that evaluates your infrastructure against the standards set for AWS by the Center for Internet Security, as well as GDPR and HIPAA checks. You have the option of reviewing your entire infrastructure or a specific AWS profile or region. Prowler can run many reviews at the same time and deliver reports in formats including CSV, JSON, and HTML. In addition, AWS Security Hub integration is included. Toni de la Fuente, an Amazon security expert who is still involved in maintaining the project, developed Prowler.

Security Monkey

In AWS, GCP, and OpenStack environments, Security Monkey is a watchdog tool that keeps an eye out for policy modifications and weak configurations. For example, Security Monkey on AWS notifies you whenever an S3 bucket or security group is created or removed, monitors your AWS Identity & Access Management keys, and performs several other monitoring duties. Netflix created Security Monkey, although it now provides only minor bug fixes. AWS Config and Google Cloud Assets Inventory are the vendors' own alternatives.