Shulou(Shulou.com)11/24 Report--

Recently, Black Hat Asia 2023 (Asian Black Hat Conference) was held in Singapore. Black Hat conference is recognized as the highest event in the world information security industry, and it is also the most technical information security conference. The meeting focuses on advanced security research, development and trends, and leads the trend of future security ideas and technologies with its strong technicality, authority and objectivity. 360 Digital Security Group network-wide brain knowledge cloud experts were invited to give a speech on the topic of "effectiveness evaluation of in-depth defense system based on technical and tactical knowledge graph".

At present, more and more enterprises are using BAS (intrusion and attack Simulation) solution in security assessment. How to grasp the TTP (Tactics, Techniques, and Procedures, technology, tactics and process) used by the attacker timely and efficiently, and build a targeted evaluation system based on TTP to verify the effectiveness of the enterprise's own defense-in-depth system is an important challenge for enterprises in security assessment.

Security experts have proposed and created a new TTP-based knowledge graph method, which allows security researchers and operators to fully cover and see the panorama of attack and defense techniques and tactics in actual combat, and establish the "interrelationship" among attack, defense and evaluation, so as to provide clear action guidance against known threats and even unknown threats. By constructing the knowledge graph of attack techniques and tactics, it can help BAS generate the attack technology and tactics chain according to the actual assets of the target enterprise, so as to evaluate the defense capability in depth more accurately and efficiently.

In the topic, 360security experts explained that 360can quickly build a knowledge graph of attack techniques and tactics by improving the accuracy of TTP extraction in unstructured reports. In practical application, based on the TTP entities in the knowledge graph of attack techniques and tactics and the relationship between them, 360360 BAS can produce more suitable attack techniques and tactics paths according to the situation of the target enterprise, and give full play to the effectiveness of security assessment.

BAS technology has been paid attention to since 2017. BAS products were first introduced in China in 2020 and recommended by Gartner report in 2022. With its accurate, intelligent, real-time, harmless and other core features, to help customers continue to improve the level of security protection and safety operation capabilities, to create a "security yardstick".

In addition to knowledge graph to ensure the professionalism of BAS evaluation, 360 extracted examples of vulnerability exploitation and typical attacks from attack and defense actual combat in the past 20 years, independently developed and output more than thousands of highly simulated and secure materials, and highly restored real events for simulation to ensure the accuracy of evaluation results. In addition, all reports of 360 BAS after deployment can be completed automatically, continuously evaluating the security status through real-time updated cloud scenarios and professional security services provided by 360 senior security experts.

This debut of Black Hat Asia is the recognition of the industry's innovation ability and technical strength of BAS. At present, BAS has become a key operational component of the local security brain, serving a wide range of customers in finance, energy, communications, government and other industries. In the future, BAS will continue to help customers evaluate, check leaks and enhance their security capabilities, so as to protect the development of digital economy.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.