威胁和漏洞响应最佳实践.pdf

1、Threat&Vulnerability Response Best PracticesTRACKING&MITIGATING EMERGING THREATSTodays Presenter ProcessUnity,Inc.All Rights Reserved.2Sophia CorsettiProduct Marketing ManagerA Day in the Life on July 19th CROWDSTRIKE RESPONSEI just got an alert about CrowdStrike.Are our vendors impacted?TVR notifie

2、d us this morning and we started analyzing our high-risk vendors.Of our 25 high-risk vendors,13 are down due to CrowdStrike.Were reaching out now.The State of Emerging Threats Response Process Basics&Ideal State Critical Components for a Mature Process Effective&Efficient Threat&Vulnerability Respon

3、se SummaryTodays Agenda ProcessUnity,Inc.All Rights Reserved.4Found Vulnerabilities Continue to IncreaseSource:2023 Threat Landscape Year in Review:If Everything is Critical,Nothing Is(Qualys)Link:https:/ Vulnerabilities Continue to Increase570 HIGH-RISK VULNERABILITIES IN 2023Source:2023 Threat Lan

4、dscape Year in Review:If Everything is Critical,Nothing Is(Qualys)Link:https:/ Vulnerabilities Follow AlongSource:CISA.govLink:https:/www.cisa.gov/known-exploited-vulnerabilities-catalogEmerging Threat ScenariosNon-application associated threats(Ransomware,DDoS)Threat Intelligence(dark web monitorin

5、g,third-party breaches,CrowdStrike)Known Exploited Vulnerabilities(CISA KEVs)Threat&Vulnerability Response:The Basic ProcessIDENTIFYMonitor advisories for critical vulnerabilities.ASSESSScope and bulk-assess potentially affected third parties.PRIORITIZEDetermine which third parties should be assesse

6、d.REPORTCapture and distribute findings and recommendations.Too many alerts which ones matter?Too many vendors which ones are in scope?Too many manual processes slow and inefficient Disrupts our“day job”assessment processesBut its Not So SimpleA COMPLICATED PROCESS REQUIRES NEW THINKINGUltimately,Th