GitHub - cisagov/vulnrichment: A repo to conduct vulnerability enrichment.
The CISA Vulnrichment project is the public repository of CISA's enrichment of public CVE records through CISA's ADP (Authorized Data Publisher) container. In this phase of the project, CISA is assessing new and recent CVEs and adding key SSVC decision points. Once scored, some higher-risk CVEs will also receive enrichment of CWE and/or CVSS data points, where possible. Producers and consumers of
既知ã®æ‚ªç”¨ã•ã‚ŒãŸè„†å¼±æ€§ã‚«ã‚¿ãƒã‚°ï¼ˆæ—¥æœ¬èªžç‰ˆï¼‰
アメリカ政府CISAã«ã‚ˆã‚‹ã€Œæ—¢çŸ¥ã®æ‚ªç”¨ã•ã‚ŒãŸè„†å¼±æ€§ã‚«ã‚¿ãƒã‚°ã€ã®æ—¥æœ¬èªžè¨³
Weak Security Controls and Practices Routinely Exploited for Initial Access | CISA
Malicious actors commonly use the following techniques to gain initial access to victim networks.[TA0001] Exploit Public-Facing Application [T1190] External Remote Services [T1133] Phishing [T1566] Trusted Relationship [T1199] Valid Accounts [T1078] Malicious cyber actors often exploit the following common weak security controls, poor configurations, and poor security practices to employ the initi
Kubernetes Hardening Guidanceを訳ã—ã¦ã¿ãŸ(éšæ™‚æ›´æ–°ä¸) | Zenn
ã“ã®æ–‡ç« ã«ã¤ã„㦠米国土安全ä¿éšœçœã‚µã‚¤ãƒãƒ¼ã‚»ã‚ュリティ・インフラストラクãƒãƒ£ã‚»ã‚ュリティåº(CISA)ã¨ç±³å›½å®¶å®‰å…¨ä¿éšœå±€(NSA)ã«ã‚ˆãƒªä½œæˆã•ã‚ŒãŸKubernetes Hardening Guidance, Kuebrnetes環境ã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã‚’ã‚ˆã‚Šå …ç‰¢ã«ã™ã‚‹ãŸã‚ã®ã‚¬ã‚¤ãƒ€ãƒ³ã‚¹ã‚’翻訳ã—ãŸã¿ãŸã‚‚ã®ã§ã™ã€‚ 訳者ã®è‹±èªžåŠ›ã¯å£Šæ»…çš„ã§ã™ã®ã§ã€å¤šãã®èª¤è¨³ãªã©ã‚ã‚‹ã‹ã¨æ€ã„ã¾ã™ãŒç”Ÿæš–ã‹ã„ç›®ã§è¦‹ã¦é ‚ã‘ã‚Œã°ã¨æ€ã„ã¾ã™ã®ã§ã‚ˆã‚ã—ããŠé¡˜ã„ã—ã¾ã™ã€‚翻訳ã¯ä»¥ä¸‹ã§éšæ™‚更新&修æ£ã—ã¦ã„ãã¾ã™ã€‚ Kubernetes Hardening Guidance Disclaimer of warranties and endorsement ã“ã®ãƒ‰ã‚ュメントã«å«ã¾ã‚Œã‚‹æƒ…å ±ã¨æ„見ã¯ç¾çŠ¶ã®ã¾ã¾ã§æä¾›ã•ã‚Œã‚‹ã‚‚ã®ã§ã‚ã‚Šã„ã‹ãªã‚‹æ ¹æ‹ ã‚„ä¿è¨¼ã¯ã‚ã‚Šã¾ã›ã‚“。ã“ã“ã«è¨˜è¼‰ã•ã‚Œã¦ã„る特定ã®å•†ç”¨è£½å“ã€ãƒ—ãƒã‚»ã‚¹ã€ã‚µãƒ¼ãƒ“スã«ã¤ã„ã¦å•†å·ã€å•†æ¨™ã€è£½é€ 者を米国政
ãŠçŸ¥ã‚‰ã›
ランã‚ング
ランã‚ング
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
GitHub - rxerium/CISA-KEV: A repo to notify me when the CISA KEV updates and how many Nuclei templates there are to scan the KEV
A Deep Dive into KEV
SSVC On Demand Training
CISA Stakeholder-Specific Vulnerability Categorization Guide
ICS関連製å“ã®è„†å¼±æ€§æƒ…å ±ã®åˆ†æžã‚’通ã˜ã¦è¦‹ãˆã¦ããŸèª²é¡Œ
Stakeholder-Specific Vulnerability Categorization (SSVC) | CISA
GitHub - hogehuga/richmentdb: vulnrichment database project.
CISAã®è„†å¼±æ€§ç®¡ç†ç’°å¢ƒã®å¤‰é©ã«é–¢ã™ã‚‹æ¦‚説ã¨SSVCガイド - Qiita
Home
GitHub - cisagov/admiral: Distributed certificate transparency log harvester
SSVC Calculator | CISA
SMB Security Best Practices | CISA
NSA and CISA share Kubernetes security recommendations
Kubernetes Hardening Guide | NSA/CISA
IRF Index - IRF
GitHub - cisagov/findcdn: findCDN is a tool created to help accurately identify what CDN a domain is using.
{{#tags}}- {{label}}
{{/tags}}