Authors: LIU Huan; HUANG Jintao[1]; LIU Xingjiang[1]; ZHANG Jianchuan[1] (No.30 Institute of CETC, Chengdu Sichuan 610041, China)
Affiliation: [1] No.30 Institute of CETC (China Electronics Technology Group Corporation), Chengdu, Sichuan 610041
Source: Communications Technology (《通信技术》), 2023, No. 12, pp. 1428-1434, 7 pages
Abstract: As the confrontation between cyber security attack and defense intensifies, new security vulnerabilities and network intrusion methods continue to increase, and the conventional strategy of relying on manual experience for investigation and counting on single-point prevention and response has failed. Security orchestration, automation and response (SOAR) technology has emerged in response and has quickly become a current research hotspot in cyberspace security technology. Starting from the difficulties faced by cyber security incident handling in the new situation, this paper analyzes the reasons for the emergence of security orchestration automated response technology, its basic concepts and its core capabilities. To address the shortcomings of existing architectures, it further proposes the components, key technologies and business processing flow of a cyber security incident response architecture based on intelligent orchestration, providing a reference for the cyber security operation and maintenance of new digital infrastructure services.
Keywords: cyber security incident; SOAR; intelligent security orchestration; security incident response architecture
Classification number: TP309 [Automation and Computer Technology - Computer System Architecture]