中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/95552
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41628025      Online Users : 2616
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/95552


    Title: 資安協作自動化應變(SOAR)對於企業資安防護之研究-以P公司為例;Study on the Impact of Security Orchestration, Automation, and Re-sponse (SOAR) on Enterprise Cybersecurity Protection - A Case Study of Company P
    Authors: 黃智鋒;HUANG, CHIH-FENG
    Contributors: 資訊管理學系
    Keywords: 企業資安;網路安全;資安協作自動化應變;安全事件檢測與回應;自動化流程;enterprise cybersecurity;cybersecurity;security orchestration automated response;incident detection and response;process automation;SOAR
    Date: 2024-07-23
    Issue Date: 2024-10-09 17:00:30 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 隨著網際網路的快速發展,勒索軟體攻擊愈發頻繁,這些攻擊往往難以完全阻止。然而企業不僅面臨著日益複雜的資安管理挑戰,同時也遭遇了專業人才的短缺。資安協作自動化應變(SOAR)技術解決方案號稱為能夠改善這些問題,但從企業角度來看,實際驗證SOAR在企業環境中資安防護效益的案例仍然不足,無法讓決策者了解其實際導入效益及評估其導入應用流程。
    因此本研究交採用個案研究法,透過分析三個具體的資訊安全應變處理場景,包括TW-ISAC情資應用流程、群組原則設置異常監控應用流程和誘餌檔案異動偵測流程,來實際驗證導入SOAR後的差異與效益。研究結果顯示,應用SOAR系統後,這些場景的處理時間均顯著縮短,從而證明了SOAR技術在整合安全工具及實現流程自動化方面的巨大潛力。透過這些案例分析,本研究不僅證實了SOAR系統在強化企業資安防護和提高安全事件處置效率方面的價值,也為企業資安管理的自動化變革提供了重要的參考。
    ;With the rapid development of the Internet, ransomware attacks have become increas-ingly frequent and are often difficult to completely prevent. Companies are not only facing increasingly complex cybersecurity management challenges but also encountering a short-age of professional talent. Security Orchestration, Automation, and Response (SOAR) tech-nology solutions are claimed to address these issues. However, from a corporate perspective, there are still insufficient cases verifying the security benefits of SOAR in enterprise envi-ronments, leaving decision-makers unable to understand its actual implementation benefits and evaluate its application processes.
    Therefore, this study adopts a case study approach, analyzing three specific cybersecu-rity incident response scenarios: the TW-ISAC intelligence application process, the abnor-mal group policy setting monitoring application process, and the decoy file alteration detec-tion process, to practically verify the differences and benefits after implementing SOAR. The results of the study show that after applying the SOAR system, the processing time for these scenarios was significantly reduced, thereby demonstrating the great potential of SOAR technology in integrating security tools and achieving process automation. Through these case analyses, this study not only confirms the value of the SOAR system in enhancing enterprise cybersecurity protection and improving the efficiency of handling security inci-dents but also provides important references for the automation transformation of corporate cybersecurity management.
    Appears in Collections:[Graduate Institute of Information Management] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML32View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明