Slide 29
Slide 29 text
- ੬ऑੑͷछผ
- ΤϯυϙΠϯτ-> ύονద༻ঢ়ଶͷྗ্
- ࣗࣾϓϩμΫτ -> DevSecOpsʹΑΔϓϩμΫτϦϦʔε·Ͱ
ͷ҆શੑ֬อ, ASMʹΑΔϦϦʔεࡁΈϓϩμΫτͷࣗಈஅ
- αʔυύʔςΟ -> CSPMʹΑΔMiscon
fi
gൃݟ
- ਓ
- ࢿ࢈ঢ়گ
- ΠϯλʔωοτϑΣΠγϯά -> ASMʹΑΔࢿ࢈ཧ্
- ੬ऑੑͷධՁ -> CVSS, SSVC, EPSSʹΑΔධՁ
- KEVର -> ੬ऑੑରԠͷ༏ઌΛϦεΫϕʔεʹ
- ཧπʔϧͱͷ࿈ܞঢ়گ
- ཧݩ
- ਖ਼ࣾһ -> ϑΟογϯά܇࿅
- ۀҕୗ
- ࢲ༻ -> BYODԽʹΑΔࢿ࢈ཧରͷ֦େ
- ཧ֎ʢΤϯυϢʔβʔʣ
அ࣠
- ڴҖͷछผ
- ෦ෆਖ਼
- ޡૢ࡞ɾmiscon
fi
g ->
- ֎෦ΞΫλʔ
- ߈ܸͷTactics
- Init access, Exec, persistence, privi esc….
- ଞࣾͰൃੜͨ͠ࣄྫ
- ۀքͷಈ
- ࠃ๏ن੍ɾΨΠυϥΠϯରԠ
- ࠃࡍతن੍ରԠʢྫ: AML/CFTʣ
- ৽ٕज़ඪ४ରԠʢྫ: ύεΩʔʣ
- ଞ
- νʔϜϝϯόʔͷWillɺεΩϧηοτ
- ৽ϓϩμΫτձ্ཱࣾͪ͛ɾM&A
- Ϣʔβʔཁ