一、 企业安全运营中的ATT&CK
二、攻击检测
Domain |
ID |
Name |
Use |
Enterprise |
T1190 |
Exploit Public-Facing Application |
APT28 has conducted SQL injection attacks against organizations' external websites. |
Enterprise |
T1190 |
Exploit Public-Facing Application |
Axiom has been observed using SQL injection to gain access to systems. |
Enterprise |
T1190 |
Exploit Public-Facing Application |
Night Dragon has performed SQL injection attacks of extranet web servers to gain access. |
Enterprise |
T1190 |
Exploit Public-Facing Application |
APT39 has used SQL injection for initial compromise. |
三、事件跟踪和溯源
四、后记
本文始发于微信公众号(网络安全应急技术国家工程实验室):ATT&CK框架在企业安全运营中的局限
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论