English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 42771796      線上人數 : 912
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/95552


    題名: 資安協作自動化應變(SOAR)對於企業資安防護之研究-以P公司為例;Study on the Impact of Security Orchestration, Automation, and Re-sponse (SOAR) on Enterprise Cybersecurity Protection - A Case Study of Company P
    作者: 黃智鋒;HUANG, CHIH-FENG
    貢獻者: 資訊管理學系
    關鍵詞: 企業資安;網路安全;資安協作自動化應變;安全事件檢測與回應;自動化流程;enterprise cybersecurity;cybersecurity;security orchestration automated response;incident detection and response;process automation;SOAR
    日期: 2024-07-23
    上傳時間: 2024-10-09 17:00:30 (UTC+8)
    出版者: 國立中央大學
    摘要: 隨著網際網路的快速發展,勒索軟體攻擊愈發頻繁,這些攻擊往往難以完全阻止。然而企業不僅面臨著日益複雜的資安管理挑戰,同時也遭遇了專業人才的短缺。資安協作自動化應變(SOAR)技術解決方案號稱為能夠改善這些問題,但從企業角度來看,實際驗證SOAR在企業環境中資安防護效益的案例仍然不足,無法讓決策者了解其實際導入效益及評估其導入應用流程。
    因此本研究交採用個案研究法,透過分析三個具體的資訊安全應變處理場景,包括TW-ISAC情資應用流程、群組原則設置異常監控應用流程和誘餌檔案異動偵測流程,來實際驗證導入SOAR後的差異與效益。研究結果顯示,應用SOAR系統後,這些場景的處理時間均顯著縮短,從而證明了SOAR技術在整合安全工具及實現流程自動化方面的巨大潛力。透過這些案例分析,本研究不僅證實了SOAR系統在強化企業資安防護和提高安全事件處置效率方面的價值,也為企業資安管理的自動化變革提供了重要的參考。
    ;With the rapid development of the Internet, ransomware attacks have become increas-ingly frequent and are often difficult to completely prevent. Companies are not only facing increasingly complex cybersecurity management challenges but also encountering a short-age of professional talent. Security Orchestration, Automation, and Response (SOAR) tech-nology solutions are claimed to address these issues. However, from a corporate perspective, there are still insufficient cases verifying the security benefits of SOAR in enterprise envi-ronments, leaving decision-makers unable to understand its actual implementation benefits and evaluate its application processes.
    Therefore, this study adopts a case study approach, analyzing three specific cybersecu-rity incident response scenarios: the TW-ISAC intelligence application process, the abnor-mal group policy setting monitoring application process, and the decoy file alteration detec-tion process, to practically verify the differences and benefits after implementing SOAR. The results of the study show that after applying the SOAR system, the processing time for these scenarios was significantly reduced, thereby demonstrating the great potential of SOAR technology in integrating security tools and achieving process automation. Through these case analyses, this study not only confirms the value of the SOAR system in enhancing enterprise cybersecurity protection and improving the efficiency of handling security inci-dents but also provides important references for the automation transformation of corporate cybersecurity management.
    顯示於類別:[資訊管理研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML63檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明