Security Testing Around Our Business Model and Risks


When we create an environment and consider our security testing from development to production, and how changes are deployed through each environment, we want to consider what we're protecting and how many resources we'll devote to that protection. Every company has limited resources, so protecting against every possible threat is not something we can achieve.


Networks Are Never Fully Secure

In Alex Gibney's documentary Zero Days, Chris Inglis, a former deputy director of the NSA, admits that during Operation Buckshot Yankee his team realized they could never fully secure a network from outside attacks. The same conclusion is echoed in several other interviews in the film with people working in the private cybersecurity industry. We cannot stop attacks. We cannot even protect against all attacks. At best, we can delay or deter them. Our security testing should account for this. Rather than asking how we stop attacks and promoting that approach throughout our environments (we can't), we should ask what our priority to secure is, how we can best secure it, and what steps we should take to do so.


Starting from the assumption that we can't stop attacks helps us focus our efforts where they are likely to produce the strongest protection for our environment.


Identifying Areas of Concern

Before we consider security testing, we should recognize that some hacks have a different intent than others. When we know what types of attacks exist, we can determine where we're most at risk and prepare. Examples of different attacks include:


  • Destructive attacks – hacks intended to destroy resources (e.g., `DROP TABLE`)
  • Informational attacks – hacks designed to obtain information about a target (e.g., Duqu)
  • Intellectual property attacks – hacks designed to steal intellectual property (e.g., industrial espionage)
  • Misdirection attacks – hacks designed to confuse the target into wasting resources

Depending on our risks, our security testing must focus first on the highest risks. In the image below, we see four types of businesses, built around data, design, operations or niche models, and the types of attacks likely to do each the most damage. Keep in mind that some businesses are a combination of the four models, such as data and design (common with software companies) or operations and niche (common with gold mining companies):


Before designing our security testing, we should know what types of attacks will do the most damage to our business

Other attack types exist, but these cover some of the most common attacks we see. As we see, the intent of hacking differs, and some hacking may be positive, helping a company strengthen its environment (ethical hacking).


Examples

As we've seen, the first step to protecting our company is to identify our business model and the attacks we're likely to experience.


For example, at the database level we might prevent a destructive attack from outside our environment by restricting every external account to read-only access. An attacker who only wants information, however, can use that same read permission to extract information about our database, including its metadata, and its data. If our situation calls for preventing an informational attack ahead of a destructive one, we would want permissions isolated at the object level, granting each account only the specific tables, views or procedures it needs rather than blanket read access to the whole database. Our security testing must prioritize the risk of an informational attack over a destructive attack if our business model calls for that protection first. Protecting data also differs significantly from protecting design: in most cases we want to limit the data present in each environment, and on each report, to only what is necessary. A common practice, shown in the image below, is to restrict priority data such as PII to pre-production and production while generating placeholder data (fake data with the same shape) in lower environments for testing purposes.


A software development cycle where pre-production and production are the only environments with PII data.
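As an added example (not code from the original article), the script below shows one way to produce placeholder data for lower environments: a keyed, deterministic pseudonym keeps the relationship between a customers table and an orders table intact, so joins and tests still behave, while none of the real values survive. The table layouts, the sample rows and the secret name PSEUDONYM_KEY are constructed for illustration.

```python
"""Generate placeholder ("fake") PII for lower environments.

Added example, not from the original article. The column names, the sample
rows and the secret PSEUDONYM_KEY are constructed for illustration.
"""
import hashlib
import hmac

# Constructed sample of what a production extract might look like (not real people).
PROD_CUSTOMERS = [
    {"customer_id": 1, "email": "jane.doe@example.com", "full_name": "Jane Doe",
     "ssn": "123-45-6789", "balance": 120.50},
    {"customer_id": 2, "email": "john.roe@example.com", "full_name": "John Roe",
     "ssn": "987-65-4321", "balance": 3000.00},
]
PROD_ORDERS = [
    {"order_id": 10, "email": "jane.doe@example.com", "total": 40.00},
    {"order_id": 11, "email": "jane.doe@example.com", "total": 80.50},
    {"order_id": 12, "email": "john.roe@example.com", "total": 3000.00},
]

# Hypothetical secret: lives only in the masking job, never in the lower environment.
PSEUDONYM_KEY = b"rotate-me-and-store-in-a-secret-manager"


def pseudonym(value: str, length: int = 10) -> str:
    """Keyed, deterministic token for a real value. Same input -> same token,
    so joins between masked tables still work; without the key nobody in the
    lower environment can recompute or reverse it."""
    digest = hmac.new(PSEUDONYM_KEY, value.lower().encode(), hashlib.sha256).hexdigest()
    return digest[:length]


def fake_email(real_email: str) -> str:
    # .test is reserved for testing, so a masked address can never be a real one.
    return f"user_{pseudonym(real_email)}@example.test"


def fake_ssn(real_ssn: str) -> str:
    # Keep the NNN-NN-NNNN format so validation code in lower environments
    # still runs, but derive the digits from the token, not the real number.
    digits = int(pseudonym(real_ssn), 16) % 10**9
    s = f"{digits:09d}"
    return f"{s[:3]}-{s[3:5]}-{s[5:]}"


def mask_customers(rows):
    out = []
    for r in rows:
        out.append({
            "customer_id": r["customer_id"],
            "email": fake_email(r["email"]),
            "full_name": f"Customer {pseudonym(r['email'], 6)}",
            "ssn": fake_ssn(r["ssn"]),
            "balance": r["balance"],  # non-PII business value kept for realistic tests
        })
    return out


def mask_orders(rows):
    # Same pseudonym function, so masked orders still join to masked customers.
    return [{**r, "email": fake_email(r["email"])} for r in rows]


def leaks_real_pii(masked_rows, prod_rows, fields=("email", "full_name", "ssn")):
    """Check the masking job runs on itself: no real value may survive."""
    real = {str(r[f]) for r in prod_rows for f in fields if f in r}
    return any(str(r.get(f)) in real for r in masked_rows for f in fields)


if __name__ == "__main__":
    customers = mask_customers(PROD_CUSTOMERS)
    orders = mask_orders(PROD_ORDERS)
    assert not leaks_real_pii(customers, PROD_CUSTOMERS)
    assert not leaks_real_pii(orders, PROD_ORDERS)
    for c in customers:
        print(c)
    for o in orders:
        print(o)
```

The HMAC key is what keeps this from being merely obfuscation: with a plain hash, anyone holding the masked tables and a list of candidate emails could rebuild the mapping. Two caveats a practitioner should keep in mind: a format-preserving token such as the fake SSN can in principle collide with a real number, so the leak check above belongs in the job's own tests, and for a business built on its data the "non-PII" numeric columns (balances, totals) may themselves be the asset the model says to protect.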

Even intuitive designs that enhance the user experience must have robust security testing, as those designs may have weaknesses that allow infiltration or may give away too much information. For a simple example, in the login form below, entering an email address that is not registered produces a message warning the user that no login is associated with that email. At first glance this seems helpful, since it may help users notice that they typed the wrong email account. However, it compromises our system: the message confirms which email addresses have accounts, opening the site to an informational attack (account enumeration) that anyone can run with nothing more than a list of addresses.


Basic security testing should fail this form as it provides too much information to the user that exposes us to risk

Relating to the challenge presented in the image above, our security testing needs to identify this input-output risk: a specific input (an email address) yields an output that reveals more than it should. By identifying this risk early, in our lower environments, we can stop it from ever reaching higher environments and putting legitimate users at risk.
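As an added example (not code from the original article), the following Python shows the leaky login behaviour described above next to a hardened version, and the check a security test in a lower environment would run to fail the form. The two handlers, the USERS store and the email addresses are constructed for illustration.

```python
"""Account-enumeration check for a login endpoint.

Added example, not from the original article. The handlers, the constructed
USERS store and the addresses are illustrative; the check itself is what a
security test in a lower environment would run against the real endpoint.
"""
import hashlib
import hmac
import os
from typing import Tuple


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store: email -> (salt, PBKDF2 hash). Not real accounts.
_SALT = os.urandom(16)
USERS = {"jane.doe@example.com": (_SALT, _hash("correct horse battery", _SALT))}

# Hash of a throwaway password, verified when the account does not exist so
# the "no such user" path costs the same time as the "wrong password" path.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash(os.urandom(16).hex(), _DUMMY_SALT)


def login_leaky(email: str, password: str) -> Tuple[int, str]:
    """The form from the article: a distinct status and message tell anyone
    which emails have accounts, and the unknown-email path skips the hash."""
    if email not in USERS:
        return 404, "No login is associated with this email address."
    salt, expected = USERS[email]
    if hmac.compare_digest(_hash(password, salt), expected):
        return 200, "Welcome back."
    return 401, "Incorrect password."


def login_hardened(email: str, password: str) -> Tuple[int, str]:
    """Same status, same message and the same password-hash work whether the
    email is unknown or the password is wrong."""
    salt, expected = USERS.get(email, (_DUMMY_SALT, _DUMMY_HASH))
    ok = hmac.compare_digest(_hash(password, salt), expected) and email in USERS
    if ok:
        return 200, "Welcome back."
    return 401, "Invalid email address or password."


def enumerates_accounts(login, known: str, unknown: str) -> bool:
    """Security test: probe one known and one unknown email with a wrong
    password. Any difference in status or body is an enumeration leak."""
    return login(known, "wrong-password") != login(unknown, "wrong-password")


if __name__ == "__main__":
    for name, handler in (("leaky", login_leaky), ("hardened", login_hardened)):
        leak = enumerates_accounts(handler, "jane.doe@example.com", "nobody@example.com")
        print(f"{name}: {'FAIL (enumeration)' if leak else 'pass'}")
```

Run the same check against the registration and password-reset endpoints, which commonly leak the same fact ("that email is already registered"), and compare response times as well as bodies: if the unknown-email path returns without doing the password-hash work, timing alone tells the attacker what the message no longer does.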


Keep in mind that hacking, in the sense of manipulating a system outside its intended use, isn't limited to the digital world. Social engineering is fundamentally a hack through manipulation, one that uses social techniques rather than digital ones, and sometimes combines both (social media being a mixture of the social and the digital). This falls outside testing code, but we should still test for social engineering, since this area can be costly and is easily overlooked. In general, wherever input exists, injection with the malicious intent of obtaining more output is possible, and this isn't limited to the digital world.


Summary

When we review the attack vectors we must protect against alongside the security already in place in our environment, we can create the appropriate security testing for development teams where we are most at risk. Whether we're protecting data or intellectual property or guarding against destruction, we want to create a secure architecture that allows these checks to run during builds and deployments. This insight gives developers and security personnel the ability to quickly identify weaknesses and improvements that further increase security.


Translated from: https://www.sqlshack.com/security-testing-around-our-business-model-and-risks/
