摘要
[目的/意义]在网络攻防对抗日益激烈的情况下,更好地建设网络攻防对抗队伍.[方法/过程]基于红蓝对抗AT T&C K战术框架、战术方法和实战经验的融合,从攻防两方面入手,以提高攻防两端在大规模网络安全红蓝对抗中的技战术为目的,结合理论和实战经历,针对"网安行动""实战演练""HW行动"等工作,提出了切实、可行的攻防体系和管理方法,并对实战涉及到的实践经历进行了复盘和实战经验总结.[结果/结论]从各阶段攻防演练的结果来看,提出的攻防体系和管理方法较为贴合实际,具有实际意义.
[Purpose/Significance]In the reality of increasingly fierce network attack defense confrontation,better build a network attack defense confrontation team.[Method/Process]Based on the integration of Red Blue confrontation ATT&CK tactical framework,tactical methods and practical experience,starting from both offensive and defensive sides,aiming to improve the technology and tactics of both offensive and defensive sides in large-scale network security Red Blue confrontation,combining theory and practical experience,the paper proposes a practical and feasible offensive and defensive system and management methods for the enterprise's key work throughout the year,such as"all-around network security operations","practical drills"and"HW operations",And the practical experience involved in the actual combat was reviewed and summarized.[Results/Conclusion]Based on the results of the attack and defense drills at each stage,the attack and defense system and management methods proposed in this paper are more practical and have practical significance.
作者
梅亦
Mei Yi(Jiangsu Electronic Information Product Quality Supervision&Inspection Institute/Jiangsu Information Security Evaluation Center,Jiangsu Wuxi 214073)
出处
《网络空间安全》
2023年第2期57-62,共6页
Cyberspace Security
作者简介
梅亦(1998-),男,汉族,江苏常州人,桂林电子科技大学,本科,江苏省电子信息产品质量监督检验研究院/江苏省信息安全测评中心,工程师,主要研究方向和关注领域:网络安全和数据安全。
