摘要
对网络安全工作渗透测试工作中的效率瓶颈问题进行了分析,总结了原有测试工作协作方式以及测试过程中的低效之处。对现有威胁情报实时信息共享标准(STIX)进行了介绍,提出了一种基于STIX信息交互的渗透测试协作方案。通过对STIX进行定制扩充,可有效提升测试人员与测试人员、测试人员与测试工具以及测试工具之间的信息交互效率,提高信息交互的标准化、自动化程度。
In this paper,the bottleneck of the proceeding of the penetration test is summarized,especially in the low efficiency of the pentest cooperation and use of the test tools.Cyber threat intelligence standard STIX(Structured Threat Information Expression)is introduced in this paper,and a new collaborative method of penetration testing based on STIX information interaction is proposed.This method makes some customization and extension to the original STIX standard,effectively improving the information interaction efficiency in pentester to pentester,pentester to POC and POC to POC scenarios,as well as promoting the standardization and automation of the information interaction.
作者
刘岳
张海峰
张良
杨秉杰
边帅
Liu Yue;Zhang Haifeng;Zhang Liang;Yang Bingjie;Bian Shuai(National Internet Emergency Center(CNCERT/CC),Zhengzhou 450000,China)
出处
《信息技术与网络安全》
2018年第12期1-5,共5页
Information Technology and Network Security
基金
国家互联网应急中心青年科技基金项目(2018Q20)
