当前位置:首页 > 报告详情

阻止 OCI 及其他平台上的多域安全漏洞 [THR3886].pdf

上传人: Fl****zo 编号:971093 2025-11-08 17页 3.72MB

1、 CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATION CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONStopping Multi-Domain Breaches on OCI and Beyond CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFOR

2、MATION CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONEvan StonerStaff Solution ArchitectCrowdStrike CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATION0102The Cloud Threat LandscapeCrowdStrike and Oracle Cloud Working TogetherA

3、genda CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONWant to know whycloud security matters?CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONCloud is the new battleground for adversariesCloud intrusions have surged 136%in the

4、first half of 2025 compared to all of 2024.CrowdStrike 2025 Threat Hunting ReportCross-domain attacksstart with endpoint and endwith cloud compromiseSCATTERED SPIDEREndpointIdentityCloud CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONLABYRINTH CHOLLIMAModern Adv

5、ersary Cloud AttackINITIAL ACCESSIdentityAdversary acquired remote desktop credentials on dark webPRIVILEGE ESCALATIONCloudPrivileged policy and access keys added tonew userLATERAL MOVEMENTCloudValid credentials used to gain access to cloud control planeCROSS-DOMAIN ATTACKDISCOVERYEndpointMalware de

6、ployed and cloud credentials discoveredDATA COLLECTIONCloudData accessed,exfiltrated,and deleted;resources hijacked CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONSiloed Tools Make It ChallengingSaaSApplications(SSPM)Custom Applications(ASPM)Infra(CSPM)Data(DSPM

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据《Stopping Multi-Domain Breaches on OCI and Beyond》报告,以下是全文关键点: 1. 云安全重要性:2025年上半年云入侵增长了136%。 2. 攻击路径:跨域攻击从端点开始,以云妥协结束。 3. 障碍:孤立的工具难以应对复杂攻击。 4. CrowdStrike解决方案:提供跨域可见性,阻止攻击。 5. 威胁情报:每天检测250+攻击者,2万亿事件,每周800,000+威胁指标。 6. 云服务配置风险:如安全列表过宽、存储桶公开访问等。 7. 威胁行为检测:通过日志和监控发现可疑活动,如API流量激增、数据泄露等。
如何防多域攻击?" "CrowdStrike与Oracle联手,揭秘云安全新策略!" "云安全漏洞一网打尽,CrowdStrike如何做到?"
客服
商务合作
小程序
服务号
折叠