[read] "Security Architecture of Large Internet Enterprises"

=Start=

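Motivation:

Notes on the book "Security Architecture of Large Internet Enterprises", which I have been reading recently, kept here for later reference and study.

Main text:

Reference answer:

Overall, the first 8 chapters of the book are good (they make up roughly 77% of the book), especially the content on "host security" (which may be related to the author's nearly 20 years of experience in information security; among the people I have come across, the earliest generation of security veterans all have very solid low-level fundamentals). Next best is the "reference materials" section (which probably reflects the author's breadth of security vision, as well as strong development skills and experience).

Below is the book's table of contents, following the author's line of thought through the security architecture and construction path of a large internet enterprise: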

Part 1: Security Theory System

security philosophy
security architecture theory
security construction guideline

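Different companies understand the security philosophy differently. Alibaba Cloud's "1+3" security operations and control philosophy uses three security measures, "building security into design, automated monitoring and response, and red-blue confrontation with continuous improvement", to achieve the core goal of protecting user data security.

The new security construction philosophy of "centering on building a security culture, integrating security into the system, establishing automated monitoring and response systems, and continuously carrying out attack-defense confrontation and security innovation".

Chapter 1: Security Philosophy

1.1 Security Organizations and Standards
1.2 Overview of Enterprise Security Risks
1.2.1 Business and Operations Security
1.2.2 Internal Enterprise Security
1.2.3 Laws, Regulations and Privacy Protection
1.2.4 Supply Chain Security
1.3 Industry Best Practices in Security Philosophy

Chapter 2: Well-Known International Security Architecture Theories

2.1 The P2DR Model
2.2 The IPDRR Model
2.3 IATF
2.4 The CGS Framework
2.5 Adaptive Security Architecture
2.6 IACD
2.7 Cyber Resilience Architecture
2.8 Summary

Chapter 3: Guide to Building a Large-Scale Security System

3.1 Rapid Governance Phase
3.1.1 Choosing a Suitable Security Leader
3.1.2 Identifying the Main Security Risks
3.1.3 Implementing Rapid Risk-Reduction Strategies
3.2 Systematic Construction Phase
3.2.1 Building a Security Management System Based on ISMS
3.2.2 Building Security Engineering Capability Based on BSIMM
3.2.3 Designing the Security Technology System with Reference to Google Cloud Platform
3.3 Comprehensive Improvement and Industry Collaboration Phase
3.3.1 Strengthening Security Culture
3.3.2 Improving the Security Resilience Architecture
3.3.3 Building a Collaborative Security Ecosystem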

Part 2: Basic Security Operations Platform

Threat Intelligence
Vulnerability Detection
Intrusion Detection
Active Defense
Anti Backdoor
Security Baseline (CIS Benchmark)
Security Platform All in One

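Chapter 4: Threat Intelligence

4.1 Public Intelligence Repositories
4.2 Vulnerability Early Warning
4.3 Information Leakage

Chapter 5: Vulnerability Detection

5.1 Network Vulnerabilities
5.2 Host Vulnerabilities
5.3 Website Vulnerabilities

Chapter 6: Intrusion Detection

6.1 Network Traffic Analysis (NTA)
6.2 Host Intrusion Detection (HIDS)
6.3 Deception Technology

Chapter 7: Active Defense

7.1 Host Intrusion Prevention (HIPS)
7.2 Web Application Firewall (WAF)
7.3 Runtime Application Self-Protection (RASP)
7.4 Database Firewall (DBF)

Chapter 8: Backdoor Detection and Removal (AV)

8.1 Rootkit
8.2 Host Backdoors
8.3 Webshell

Chapter 9: Security Baseline
Chapter 10: Security Brain

10.1 Security Situation Awareness (SSA)
10.2 Security Information and Event Management (SIEM)
10.3 Security Orchestration, Automation and Response (SOAR)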

Part 3: Comprehensive Security Technologies

SDL/DevSecOps
IT Security
Business Security
Cloud Security
Frontier Security Technology(AI & Cryptography)

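Chapter 11: Security Development Lifecycle

11.1 Planning Phase
11.2 Coding Phase
11.3 Testing Phase
11.3.1 Automated Security Testing
11.3.2 Manual Security Testing
11.4 Deployment Phase

Chapter 12: Enterprise Office Security

12.1 Personnel Management
12.2 Endpoint Devices
12.3 Office Services
12.4 Physical Premises

Chapter 13: Internet Business Security

13.1 Business Risk Control
13.2 Data Security and Privacy

Chapter 14: Full-Stack Cloud Security

14.1 Trusted Computing
14.2 Kernel Live Patching (KLP)
14.3 Virtualization Security (VMS)
14.4 Container Security (CS)
14.5 Security Sandbox (Sandbox)

Chapter 15: Frontier Security Technologies

15.1 AI and Security
15.1.1 Applications of AI in the Security Field
15.1.2 Security of AI Technology Itself
15.2 Other Technologies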


Reference materials in the book (links):

[1] https://www.iso.org/isoiec-27001-information-security.html
[2] http://www.djbh.net/webdev/web/PolicyStandardsAction.do?p=getListZcbzJcbz
[3] https://cloudsecurityalliance.org/star/certification/
[4] https://www.pcisecuritystandards.org/document_library?category=pcidss&document=pci_dss
[5] https://www.eugdpr.org/
[6] http://www.visualcapitalist.com/worlds-biggest-data-breaches/
[7] https://www.nds.rub.de/media/ei/veroeffentlichungen/2017/01/30/printer-security.pdf
[8] http://mtc.baidu.com/site/app
[9] http://dev.360.cn/html/vulscan/scanning.html
[10] https://service.security.tencent.com/kingkong
[11] https://www.owasp.org/index.php/OWASP_Mobile_Security_Testing_Guide
[12] https://github.com/MobSF/Mobile-Security-Framework-MobSF
[13] https://wiki.sei.cmu.edu/confluence/display/android/Android+Secure+Coding+Standard
[14] https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/Introduction.html
[15] https://www.bsimm.com/
[16] https://www.opensamm.org/
[17] http://www.sse-cmm.org/
[18] https://ai.google/research/pubs?area=SecurityPrivacyandAbusePrevention
[19] https://www.google.com/about/appsecurity/tools/
[20] https://ai.google/research/pubs/pub43231
[21] https://cloud.google.com/blog/products/gcp/titan-in-depth-security-in-plaintext
[22] https://github.com/opencomputeproject/Project_Olympus/tree/master/Project_Cerberus
[23] https://cloud.google.com/armor/
[24] https://landing.google.com/sre/sre-book/chapters/production-environment/
[25] https://cloud.google.com/security/encryption-in-transit/application-layer-transport-security/
[26] https://cloud.google.com/security/encryption-in-transit/
[27] https://molo.ch/
[28] https://redborder.com/
[29] https://github.com/thinkst/
[30] https://cloud.google.com/shielded-vm/
[31] https://cloud.google.com/container-optimized-os/
[32] https://github.com/google/gvisor
[33] https://osquery.io/
[34] https://cloud.google.com/security-scanner/
[35] https://cloud.google.com/apigee-sense/
[36] https://rasp.baidu.com/
[37] https://cloud.google.com/vision/
[38] https://cloud.google.com/video-intelligence/
[39] https://cloud.google.com/iam/
[40] https://cloud.google.com/iap/
[41] https://cloud.google.com/resource-manager/
[42] https://cloud.google.com/security-key/
[43] https://www.gluu.org/
[44] https://cloud.google.com/kms/
[45] https://cloud.google.com/hsm/
[46] https://cloud.google.com/dlp/
[47] http://ranger.apache.org/
[48] http://eagle.apache.org/
[49] https://www.vaultproject.io/
[50] https://cloud.google.com/logging/
[51] https://cloud.google.com/security-command-center/
[52] https://forsetisecurity.org/
[53] https://cloud.google.com/beyondcorp/
[54] https://github.com/mozilla/MozDef
[55] https://abc.xyz/investor/other/google-code-of-conduct.html
[56] https://osintframework.com/
[57] https://www.virustotal.com/
[58] https://developers.facebook.com/programs/threatexchange/
[59] http://nelab-bdst.org.cn/index.php?g=portal&m=list&a=index&id=35
[60] https://x.threatbook.cn/
[61] https://oases.io/
[62] https://osintframework.com/
[63] https://mitre.github.io/attack-navigator/enterprise/
[64] https://github.com/michenriksen/gitrob
[65] https://github.com/MiSecurity/x-patrol
[66] https://github.com/s-rah/onionscan/
[67] https://github.com/CIRCL/AIL-framework
[68] https://github.com/archerysec/archerysec
[69] http://www.openvas.org/
[70] https://github.com/greenbone/
[71] https://github.com/greenbone/openvas-scanner
[72] https://www.greenbone.net/en/install_use_gce/
[73] https://secinfo.greenbone.net/omp?cmd=get_info&info_type=nvt&token=guest
[74] http://dl.greenbone.net/community-nvt-feed-current.tar.bz2
[75] https://www.open-scap.org/
[76] https://github.com/OpenSCAP/scap-workbench
[77] https://github.com/OpenSCAP/openscap-daemon
[78] https://github.com/sjvermeu/cvechecker
[79] https://github.com/clearlinux/cve-check-tool
[80] https://github.com/jeremylong/DependencyCheck
[81] https://github.com/retirejs/retire.js/
[82] https://github.com/coreos/clair
[83] https://github.com/Arachni/arachni
[84] https://htcap.org/
[85] https://github.com/fcavallarin/htcap/archive/1.1.0.tar.gz
[86] https://github.com/yahoo/gryffin
[87] https://github.com/ring04h/papers/
[88] https://github.com/snort3/snort3
[89] https://github.com/OISF/suricata
[90] https://github.com/bro
[91] http://www.haka-security.org/
[92] https://github.com/haka-security/haka
[93] http://spot.incubator.apache.org/
[94] https://stream4flow.ics.muni.cz/
[95] https://github.com/CSIRT-MU/Stream4Flow/
[96] https://github.com/dreadl0ck/netcap/blob/master/mied18.pdf
[97] https://github.com/dreadl0ck/netcap
[98] https://github.com/dreadl0ck/netcap-tf-dnn
[99] https://github.com/facebookincubator/katran
[100] https://github.com/iqiyi/dpvs
[101] http://www.ossec.net/
[102] https://github.com/ossec/ossec-hids
[103] https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
[104] https://github.com/SwiftOnSecurity/sysmon-config
[105] https://osquery.io/
[106] https://github.com/facebook/osquery
[107] https://github.com/palantir/osquery-configuration
[108] https://github.com/palantir/osquery-configuration/blob/master/Classic/Servers/Linux/osquery.conf
[109] https://github.com/kolide/fleet
[110] https://github.com/airbnb/streamalert
[111] https://www.elastic.co/cn/solutions/security-analytics
[112] https://github.com/elastic/beats
[113] https://sysdig.com/
[114] https://github.com/draios/sysdig
[115] https://capsule8.com/
[116] https://github.com/capsule8/capsule8
[117] https://github.com/droberson/exec-logger
[118] https://github.com/a2o/snoopy
[119] https://github.com/leahneukirchen/extrace
[120] https://lwn.net/Articles/157150/
[121] https://github.com/cloudfoundry/gosigar/blob/master/psnotify/psnotify_linux.go
[122] https://github.com/dbrandt/proc_events
[123] https://github.com/facebook/osquery/tree/experimental/osquery/events/linux
[124] https://github.com/elastic/beats/tree/master/auditbeat
[125] https://github.com/elastic/go-libaudit
[126] https://github.com/slackhq/go-audit
[127] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sec-defining_audit_rules_and_controls#sec-Defining_Audit_Rules_with_the_auditctl_utility
[128] https://www.kernel.org/doc/Documentation/trace/tracepoints.txt
[129] https://github.com/draios/sysdig/tree/dev/driver
[130] https://github.com/draios/sysdig/blob/dev/driver/main.c
[131] https://lwn.net/Articles/740157/
[132] https://github.com/draios/sysdig/blob/dev/driver/bpf/
[133] https://github.com/draios/sysdig/blob/dev/driver/bpf/probe.c
[134] https://github.com/draios/sysdig/blob/dev/driver/bpf/maps.h
[135] https://github.com/torvalds/linux/blob/master/include/linux/bpf_types.h
[136] https://github.com/iovisor/bpftrace
[137] https://github.com/capsule8/capsule8/blob/master/pkg/sys/perf/monitor.go
[138] https://www.kernel.org/doc/Documentation/trace/kprobetrace.txt
[139] https://github.com/capsule8/capsule8/blob/master/pkg/sys/perf/source_linux.go
[140] https://github.com/capsule8/capsule8/blob/master/pkg/sensor/process.go
[141] https://docs.aws.amazon.com/inspector/latest/userguide/inspector_agents.html
[142] https://s3.amazonaws.com/aws-agent.us-east-1/linux/support/AwsAgentKernelModule.tar.gz
[143] https://github.com/ysrc/yulong-hids
[144] https://github.com/DianrongSecurity/AgentSmith-HIDS
[145] https://github.com/ysrc/yulong-hids/blob/master/syscall_hook/syscall_hook.c
[146] https://github.com/ysrc/yulong-hids/blob/master/syscall_hook/syscall_stub_hook.S
[147] http://www.kdvelectronics.eu/ssh-logging/ssh-logging.html
[148] https://www.zhoufengjie.cn/?p=174
[149] https://sourceforge.net/projects/ttyrpld/
[150] https://github.com/cloudposse/sudosh
[151] https://github.com/squash/sudosh2
[152] https://github.com/honeytrap/honeytrap
[153] https://github.com/thinkst/opencanary/
[154] https://github.com/0x4D31/honeybits
[155] http://canarytokens.org/generate
[156] https://github.com/thinkst/canarytokens
[157] https://github.com/libvmi/libvmi
[158] https://github.com/fireeye/rvmi
[159] https://github.com/honeytrap/honeytrap-agent
[160] https://github.com/honeytrap/honeytrap/blob/master/services/ssh/ssh-proxy.go
[161] https://github.com/GoSecure/pyrdp
[162] http://canarytokens.org/generate
[163] https://github.com/thinkst/canarytokens/blob/master/msword.py
[164] https://github.com/tokesr/honeytoken
[165] https://github.com/troydo42/CIA-Hacking-Tools/tree/master/Scribbles/
[166] https://github.com/thinkst/canarytokens/blob/master/ziplib.py
[167] https://github.com/thinkst/canarytokens/blob/master/sign_file.py
[168] http://grsecurity.net/
[169] http://grsecurity.net/features.php
[170] https://www.kernel.org/doc/html/latest/security/self-protection.html
[171] https://wiki.ubuntu.com/Security/Features
[172] https://patchwork.kernel.org/patch/9965207/
[173] https://www.openwall.com/lkrg/
[174] https://bitbucket.org/Adam_pi3/lkrg-main/
[175] https://www.kernel.org/doc/Documentation/kprobes.txt
[176] https://openwall.info/wiki/p_lkrg/Main
[177] https://github.com/Safe3/clean-cow
[178] https://github.com/cormander/tpe-lkm
[179] https://github.com/kkamagui/shadow-box-for-x86
[180] https://github.com/SpiderLabs/ModSecurity
[181] https://github.com/SpiderLabs/ModSecurity-nginx
[182] https://github.com/SpiderLabs/owasp-modsecurity-crs
[183] https://github.com/Flameeyes/modsec-flameeyes
[184] https://github.com/client9/libinjection
[185] https://github.com/wallarm/libdetection
[186] https://wallarm.com/
[187] https://github.com/wallarm/wallnet
[188] https://github.com/facebookincubator/katran
[189] https://www.iovisor.org/technology/xdp
[190] https://netdevconf.org/2.1/session.html?zhou
[191] https://github.com/tempesta-tech/tempesta
[192] https://github.com/tempesta-tech/tempesta/wiki/HTTP-cache-performance
[193] http://natsys-lab.blogspot.ru/2014/11/the-fast-finite-state-machine-for-http.html
[195] http://natsys-lab.blogspot.ru/2016/10/http-strings-processing-using-csse42.html
[197] https://github.com/tempesta-tech/tempesta/wiki/DDoS-mitigation
[198] https://pan.baidu.com/s/13mowO
[199] https://github.com/kyprizel/testcookie-nginx-module
[200] http://ipset.netfilter.org/
[201] http://getrepsheet.com/
[202] https://github.com/repsheet/repsheet-nginx
[203] http://www.slideshare.net/abedra/knock-knock-24105973
[204] https://github.com/SpiderLabs/ModSecurity-nginx
[205] https://github.com/SpiderLabs/ModSecurity-apache
[206] https://github.com/SpiderLabs/ModSecurity
[207] https://github.com/SpiderLabs/ModSecurity-nginx/blob/master/src/ngx_http_modsecurity_pre_access.c
[209] https://securitytrails.com/
[210] https://0x09al.github.io/waf/bypass/ssl/2018/07/02/web-application-firewall-bypass.html
[211] https://github.com/LandGrey/abuse-ssl-bypass-waf
[212] https://github.com/nccgroup/BurpSuiteHTTPSmuggler
[213] https://www.ietf.org/rfc/rfc2047.txt
[214] https://github.com/php/php-src/blob/master/main/rfc1867.c
[215] https://soroush.secproject.com/downloadable/A_Forgotten_HTTP_Invisibility_Cloak_v1.1.pdf
[216] https://github.com/sqlmapproject/sqlmap/tree/master/tamper
[217] https://websec.ca/kb/sql_injection
[218] https://pcre.org/pcre.txt
[219] https://github.com/client9/libinjection/issues/56
[220] https://waf.ninja/libinjection-fuzz-to-bypass/
[221] https://waf.ninja/libinjection-different-databases-fuzzing/
[222] https://waf.ninja/review-wafninja/
[223] https://dev.mysql.com/doc/refman/5.5/en/expressions.html
[224] https://www.prevoty.com/
[225] https://github.com/UpstandingHackers/hammer
[226] http://langsec.org/
[227] https://github.com/Geal/nom
[228] https://rasp.baidu.com/
[229] https://github.com/baidu/openrasp
[230] https://docs.oracle.com/javase/8/docs/platform/jvmti/jvmti.html
[231] https://docs.oracle.com/javase/7/docs/api/java/lang/instrument/Instrumentation.html
[232] https://docs.oracle.com/javase/specs/jvms/se7/html/jvms-4.html
[233] https://asm.ow2.io/javadoc/org/objectweb/asm/MethodVisitor.html
[234] https://blogs.oracle.com/poonam/jvm-hang-with-cms-collector
[235] http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/rev/b955bd18e8fe
[236] http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/rev/2c4cecfa5ce5
[237] http://hg.openjdk.java.net/jdk9/jdk9/hotspot/rev/031d1463ed4c
[238] http://www.phpinternalsbook.com/
[239] https://github.com/nim4/DBShield
[240] https://github.com/cossacklabs/acra
[241] https://github.com/uptimejp/sql_firewall
[242] https://github.com/mcafee/mysql-audit
[243] https://github.com/alibaba/druid/wiki/%E9%85%8D%E7%BD%AE-wallfilter
[244] https://github.com/Qihoo360/mysql-sniffer
[245] http://nbviewer.jupyter.org/github/ClickSecurity/data_hacking/blob/master/sql_injection/sql_injection.ipynb
[246] https://github.com/cloudsec/brootkit/
[247] https://github.com/ewust/ulrk
[248] https://github.com/Safe3/godpock/blob/master/Rootkit/mafix.tar.gz
[249] https://packetstormsecurity.com/files/download/10533/lrk5.src.tar.gz
[250] https://github.com/unix-thrust/beurk
[251] https://github.com/mempodippy/vlany
[252] https://github.com/m0nad/Diamorphine
[253] https://github.com/yaoyumeng/adore-ng/
[254] https://github.com/jiayy/lkm-rootkit
[255] https://github.com/f0rb1dd3n/Reptile
[256] https://github.com/falk3n/subversive
[257] https://github.com/elfmaster/kprobe_rootkit
[258] http://phrack.org/issues/58/7.html
[259] http://www.phrack.org/issues/68/6.html
[260] http://phrack.org/issues/68/11.html
[261] https://github.com/google/rekall/tree/master/tools/linux/lmap/lmap
[262] https://github.com/quarkslab/dreamboot
[263] https://github.com/ajkhoury/UEFI-Bootkit
[264] https://github.com/NextSecurity/Gozi-MBR-rootkit
[265] https://github.com/m0n0ph1/Win64-Rovnix-VBR-Bootkit
[266] https://github.com/chesteroni/kitgen
[267] https://github.com/sgxrop/sgxrop
[268] https://arxiv.org/pdf/1902.03256.pdf
[269] https://lwn.net/Articles/682302/
[270] https://www.volatilityfoundation.org/
[271] https://github.com/monnappa22/linux_mem_diff_tool
[272] https://cysinfo.com/linux-memory-diff-analysis-using-volatility-2/
[273] https://gitlab.com/nowayout/prochunter
[274] https://github.com/nbulischeck/tyton
[275] https://nbulischeck.github.io/tyton/
[276] https://github.com/dgoulet/kjackal
[277] http://rkhunter.sourceforge.net/
[278] http://www.chkrootkit.org/download/
[279] http://www.blackhat.com/presentations/bh-europe-01/shaun-clowes/bh-europe-01-clowes.ppt
[280] https://github.com/gaffe23/linux-inject/
[281] https://www.clamav.net/
[282] https://github.com/malscan/malscan
[283] https://virustotal.github.io/yara/
[284] https://binaryalert.io/
[285] https://github.com/airbnb/binaryalert
[286] https://github.com/KasperskyLab/klara
[287] https://github.com/rastrea2r/rastrea2r
[288] https://github.com/Yara-Rules/rules
[289] https://github.com/InQuest/awesome-yara
[290] https://cuckoosandbox.org/
[291] https://github.com/mxmssh/drltrace
[292] https://github.com/AFAgarap/malware-classification
[293] https://github.com/ALFA-group/robust-adv-malware-detection
[294] https://github.com/surajr/Machine-Learning-approach-for-Malware-Detection
[295] https://github.com/mprhode/malware-prediction-rnn
[296] https://github.com/PUNCH-Cyber/stoq
[297] https://github.com/search?q=webshell
[298] https://github.com/tennc/webshell/tree/master/fuzzdb-webshell/servlet
[299] https://security.tencent.com/index.php/blog/msg/104
[300] https://4hou.win/wordpress/?p=20456
[301] https://github.com/rebeyond/memShell
[302] https://github.com/nbs-system/php-malware-finder
[303] https://github.com/sfaci/masc
[304] https://github.com/hi-WenR0/MLCheckWebshell
[305] https://paper.seebug.org/526/
[306] https://scanner.baidu.com/
[307] https://www.cisecurity.org/
[308] https://www.cisecurity.org/cybersecurity-tools/cis-cat-pro/
[309] https://www.cisecurity.org/cis-benchmarks/
[310] https://www.cisecurity.org/controls/
[311] https://cisofy.com/lynis/
[312] https://github.com/CISOfy/Lynis
[313] https://www.inspec.io/docs/reference/resources/
[314] https://github.com/slimm609/checksec.sh
[315] https://www.rudder.io/en/
[316] https://aws.amazon.com/cn/guardduty/
[317] https://www.secviz.org/
[318] https://d3js.org/
[319] http://visjs.org/
[320] https://threejs.org/
[321] https://www.babylonjs.com/
[322] https://playcanvas.com/
[323] https://clickhouse.yandex/
[324] http://doris.incubator.apache.org/
[325] https://www.graylog.org/
[326] https://github.com/Neo23x0/sigma
[327] https://www.elastic.co/cn/products/stack
[328] https://github.com/elastic/beats
[329] https://www.elastic.co/cn/products/stack/machine-learning
[330] https://www.splunk.com/zh-hans_cn/software/user-behavior-analytics.html
[331] http://metron.apache.org/
[332] https://github.com/rob-med/awesome-TS-anomaly-detection
[333] https://github.com/yzhao062/anomaly-detection-resources
[334] https://github.com/hugegraph
[335] https://github.com/deepmind/graph_nets
[336] https://arxiv.org/pdf/1806.01261.pdf
[337] https://github.com/phantomcyber/playbooks
[338] https://github.com/StackStorm/st2
[339] https://github.com/Patrowl/
[340] https://github.com/mozilla/MozDef
[341] https://www.csa.gov.sg/legislation/supplementary-references
[342] https://continuumsecurity.net/
[343] https://github.com/continuumsecurity/bdd-security
[344] http://capec.mitre.org/data/definitions/3000.html
[345] https://github.com/mozilla/seasponge
[346] http://mozilla.github.io/seasponge/
[347] https://threatdragon.org/
[348] https://www.microsoft.com/en-us/download/details.aspx?id=49168
[349] https://github.com/google/vsaq
[350] https://github.com/OWASP/CheatSheetSeries/blob/master/Index.md
[351] https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-Quick_Reference_Guide
[352] https://www.owasp.org/images/7/73/OWASP_SCP_Quick_Reference_Guide%28Chinese%29.pdf
[353] http://google.github.io/styleguide/
[354] https://github.com/alibaba/p3c
[355] https://github.com/spotbugs/spotbugs
[356] https://github.com/pumasecurity/puma-scan
[357] http://cppcheck.sourceforge.net/
[358] https://github.com/fossology/fossology
[359] https://github.com/jeremylong/DependencyCheck
[360] https://github.com/snyk/snyk
[361] https://github.com/srcclr/efda
[362] https://github.com/ESAPI/
[363] https://github.com/eggjs/egg-security
[364] https://eggjs.org/zh-cn/core/security.html
[365] https://docs.spring.io/spring-security/site/docs/5.0.x/reference/html/
[366] https://github.com/cure53/DOMPurify
[367] http://rips-scanner.sourceforge.net/
[368] https://github.com/designsecurity/progpilot
[369] https://github.com/globocom/huskyci
[370] http://fb-contrib.sourceforge.net/
[371] http://find-sec-bugs.github.io/
[372] https://dwheeler.com/flawfinder/
[373] https://github.com/facebook/infer
[374] https://docs.sonarqube.org/display/PLUG
[375] https://www.sonarlint.org/
[376] https://www.sonarqube.org/
[377] https://github.com/SonarSource/sonarqube
[378] https://rules.sonarsource.com/
[379] https://github.com/michenriksen/gitrob
[380] https://github.com/flipkart-incubator/Astra
[381] https://github.com/YalcinYolalan/WSSAT
[382] https://github.com/zaproxy/zaproxy
[383] https://github.com/fuzzdb-project/fuzzdb
[384] https://github.com/linkedin/qark
[385] https://appcritique.boozallen.com/
[386] https://github.com/laruence/taint
[387] https://researcher.watson.ibm.com/researcher/files/us-msteiner/php.nyphp.ppt
[388] https://www.usenix.org/legacy/event/webapps11/tech/final_files/webapps11_proceedings.pdf
[389] https://github.com/jpapayan/aspis
[390] https://github.com/cdaller/security_taint_propagation
[391] https://www.blackhat.com/presentations/bh-dc-08/Chess-West/Presentation/bh-dc-08-chess-west.pdf
[392] https://www.owasp.org/images/2/2e/OWASP_Code_Review_Guide-V1_1.pdf
[393] https://www.peach.tech/products/peach-fuzzer/
[394] https://llvm.org/devmtg/2015-10/slides/SerebryanyCollingbourne-BeyondSanitizers.pdf
[395] https://github.com/google/oss-fuzz
[396] https://github.com/secfigo/Awesome-Fuzzing
[397] https://github.com/octopus-platform/joern
[398] http://www.mlsec.org/joern/docs.shtml
[399] https://github.com/MobSF/Mobile-Security-Framework-MobSF
[400] https://labs.mwrinfosecurity.com/tools/drozer/
[401] https://github.com/mwrlabs/needle
[402] https://github.com/alibaba/iOSSecAudit
[403] https://github.com/secmobi/wiki.secmobi.com
[404] https://appsecwiki.com/#/mobilesecurity
[405] https://github.com/OWASP/owasp-mstg
[406] https://klee.github.io/
[407] https://angr.io/
[408] https://github.com/angr/angr
[409] https://github.com/radare/radare2
[410] https://github.com/Gallopsled/pwntools
[411] https://github.com/apsdehal/awesome-ctf
[412] https://github.com/malicious0x01/Awesome-Vulnerability-Research
[413] https://github.com/nebgnahz/awesome-iot-hacks
[414] https://www.owasp.org/index.php/OWASP_Testing_Project
[415] https://www.owasp.org/images/1/19/OTGv4.pdf
[416] https://github.com/hashicorp/vault
[417] https://www.vaultproject.io/
[418] https://cn.aliyun.com/product/dms
[419] https://help.aliyun.com/document_detail/47550.html
[420] https://github.com/cookieY/Yearning
[421] https://github.com/jumpserver/jumpserver
[422] https://guacamole.apache.org/
[423] https://www.kali.org/
[424] https://linux.backbox.org/
[425] https://www.parrotsec.org/
[426] http://www.deftlinux.net/
[427] https://www.metasploit.com/
[428] https://github.com/n1nj4sec/pupy
[429] https://github.com/stevenaldinger/decker
[430] https://github.com/gyoisamurai/GyoiThon
[431] https://github.com/enaqx/awesome-pentest
[432] https://github.com/mozilla/mig
[433] https://github.com/TheHive-Project/TheHive
[434] https://github.com/flyve-mdm
[435] https://github.com/bryanpkc/corkscrew
[436] https://cloud.google.com/beyondcorp/?hl=zh-cn
[437] https://github.com/Valve/fingerprintjs2
[438] https://github.com/jackspirou/clientjs
[439] https://github.com/ay-kay/unique
[440] https://github.com/salesforce/pixel-captcha-project
[441] https://github.com/ecthros/uncaptcha2
[442] https://www.drools.org/
[443] https://github.com/jdereg/n-cube
[444] https://www.h2o.ai/solutions/usecases/
[445] https://www.slideshare.net/0xdata/paypal-fraud-detection-with-deep-learning-in-h2o-presentationh2oworld2014
[446] https://shiring.github.io/machine_learning/2017/05/01/fraud
[447] https://ieeexplore.ieee.org/abstract/document/7838276
[448] https://zhuanlan.zhihu.com/p/36530032
[449] http://ramok.tech/2017/09/08/fraud-detection-with-java-and-spark-mlib/
[450] https://github.com/klevis/frauddetection
[451] https://github.com/GitiHubi/deepAI
[452] https://github.com/yazanobeidi/fraud-detection
[453] https://github.com/entrepreneur-interet-general/graph-explorer
[454] https://neo4j.com/use-cases/fraud-detection/
[455] https://www.dataguise.com/
[456] https://www.ibm.com/security/data-security/guardium
[457] https://www.microfocus.com/en-us/products/voltage-data-encryption-security/overview
[458] http://sentry.apache.org/
[459] http://knox.apache.org/
[460] http://ranger.apache.org/
[461] http://eagle.apache.org/
[462] https://github.com/troydo42/CIA-Hacking-Tools/tree/master/Scribbles/
[463] https://github.com/arx-deidentifier/arx
[464] https://github.com/uber/sql-differential-privacy
[465] https://github.com/google/rappor
[466] https://github.com/rdragos/awesome-mpc
[467] https://github.com/shaih/HElib
[468] http://di.baidu.com/product/calc
[469] https://github.com/hugegraph/hugegraph
[470] http://www.trustedcomputinggroup.org/
[471] https://github.com/PeterHuewe/tpm-emulator
[472] http://sourceforge.net/projects/trousers
[473] http://ibmswtpm.sourceforge.net/
[474] https://sourceforge.net/p/linux-ima/wiki/Home/
[475] https://github.com/pwnall/sanctum
[476] https://keystone-enclave.org/
[477] https://github.com/opencomputeproject/Project_Olympus/tree/master/Project_Cerberus
[478] https://cloud.google.com/blog/products/gcp/titan-in-depth-security-in-plaintext
[479] https://github.com/opencomputeproject/Project_Olympus/tree/master/Project_Cerberus
[480] https://github.com/keystone-enclave/
[481] https://github.com/jirislaby/ksplice
[482] https://ksplice.oracle.com/
[483] https://github.com/useidel/kgraft-tools
[484] https://git.kernel.org/pub/scm/linux/kernel/git/jirislaby/kgraft.git/
[485] https://www.suse.com/media/presentation/kGraft.pdf
[486] https://github.com/dynup/kpatch
[487] https://github.com/torvalds/linux/tree/master/kernel/livepatch
[488] https://www.kernel.org/doc/Documentation/livepatch/livepatch.txt
[489] https://www.kernelcare.com/
[490] http://patches.kernelcare.com/kmod_kcare.tar.gz
[491] https://github.com/cloudlinux/libcare
[492] http://firecracker-microvm.io/
[493] https://github.com/firecracker-microvm/firecracker
[494] https://chromium.googlesource.com/chromiumos/platform/crosvm/
[495] https://android.googlesource.com/platform/external/minijail/
[496] https://www.twistlock.com/
[497] https://github.com/coreos/clair
[498] https://github.com/eliasgranderubio/dagda
[499] https://github.com/anchore/anchore-engine
[500] https://github.com/goharbor/harbor
[501] https://katacontainers.io/
[502] https://github.com/kata-containers/runtime
[503] https://github.com/firecracker-microvm/firecracker-containerd
[504] https://github.com/google/gvisor
[505] https://www.projectcalico.org/
[506] https://github.com/projectcalico
[507] https://cilium.io/
[508] https://github.com/cilium/cilium
[509] https://www.aporeto.com/opensource/
[510] https://github.com/aporeto-inc/trireme-lib
[511] https://falco.org/
[512] https://github.com/falcosecurity/falco
[513] https://github.com/falcosecurity/falco/tree/dev/rules
[514] https://github.com/capsule8/capsule8
[515] https://github.com/docker/docker-bench-security
[516] https://github.com/kost/dockscan
[517] https://www.open-scap.org/resources/documentation/security-compliance-of-rhel7-docker-containers/
[518] https://docs.docker.com/compliance/
[519] https://github.com/chromium/chromium/blob/master/docs/design/sandbox.md
[520] https://github.com/chromium/chromium/tree/master/sandbox/win
[521] https://github.com/chromium/chromium/blob/master/docs/linux_sandboxing.md
[522] https://github.com/chromium/chromium/tree/master/sandbox/linux
[523] https://github.com/alibaba/JVM-Sandbox
[524] https://cuckoosandbox.org/
[525] https://github.com/cuckoosandbox
[526] https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Sandboxing
[527] https://android.googlesource.com/platform/external/minijail/
[528] https://chromium.googlesource.com/chromiumos/docs/+/master/sandboxing.md
[529] https://github.com/projectatomic/bubblewrap
[530] https://github.com/google/sandboxed-api
[531] https://www.coursera.org/learn/machine-learning
[532] https://github.com/ZuzooVn/machine-learning-for-software-engineers
[533] https://github.com/imhuay/Algorithm_Interview_Notes-Chinese
[534] https://github.com/kk7nc/Text_Classification
[535] https://www.featuretools.com/
[536] https://github.com/scikit-learn-contrib/boruta_py
[537] https://github.com/hyperopt/hyperopt-sklearn
[538] https://github.com/AxeldeRomblay/MLBox
[539] https://github.com/ClimbsRocks/auto_ml
[540] https://github.com/h2oai/h2o-3
[541] https://github.com/endgameinc/dga_predict
[542] https://github.com/chwress/salad
[543] https://github.com/PositiveTechnologies/seq2seq-web-attack-detection
[544] https://github.com/makemytrip/dataShark
[545] https://github.com/georgymh/ml-fraud-detection
[546] https://github.com/klevis/frauddetection
[547] https://github.com/AFAgarap/malware-classification
[548] https://github.com/honeynet/cuckooml
[549] https://github.com/hgascon/adagio
[550] https://github.com/hgascon/pulsar
[551] https://code.fb.com/developer-tools/getafix-how-facebook-tools-learn-to-fix-bugs-automatically/
[552] https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit
[553] http://web.stanford.edu/class/cs259d/
[554] https://github.com/PacktPublishing/Mastering-Machine-Learning-for-Penetration-Testing
[555] https://github.com/SuperCowPowers/data_hacking
[556] https://github.com/13o-bbr-bbq/machine_learning_security
[557] http://www.covert.io/
[558] https://github.com/jivoi/awesome-ml-for-cybersecurity
[559] https://arxiv.org/abs/1412.6572
[560] https://github.com/tensorflow/cleverhans
[561] https://github.com/baidu/AdvBox
[562] https://github.com/liftoff/pyminifier
[563] https://github.com/QQuick/Opy
[564] https://github.com/dashingsoft/pyarmor
[565] https://arxiv.org/abs/1610.05755v3
[566] https://github.com/tensorflow/privacy
[567] https://github.com/google/nsjail
[568] https://security.googleblog.com/2016/07/experimenting-with-post-quantum.html
[569] https://pqcrypto.org/
[570] https://microsoft.github.io/Picnic/
[571] https://openquantumsafe.org/
[572] https://github.com/open-quantum-safe/liboqs
[573] https://github.com/cloudflare/circl

Reference links:

"Security Architecture of Large Internet Enterprises"
http://www.broadview.com.cn/book/5241

=END=

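Statement: Unless otherwise noted, articles on ixyzero.com are original. When reposting, please cite this article's address as a link. Thank you!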
https://ixyzero.com/blog/archives/4925.html
