A carregar...
Publicação
Desenvolvimento de um Sistema de Partilha de Informações Sobre Ameaças à Cibersegurança
| Nome: | Descrição: | Tamanho: | Formato: | |
|---|---|---|---|---|
| 1.87 MB | Adobe PDF |
Autores
Orientador(es)
Resumo(s)
Robust cybersecurity procedures are crucial today, given the increasing cyber threats and the
rapidly evolving digital environment, especially for large corporations like Altice Portugal. The
world is becoming increasingly dependent on digital technologies, which means that stringent
cybersecurity measures are more necessary than ever. This project recognizes the vital role that
Threat Intelligence (TI) plays in strengthening defenses against zero-day threats, embarking on a
critical investigation of cybersecurity concerns in this dynamic environment.
The goal of this project is the creation of a new central system whose goal is to collect cybersecurity threats from several sources, including 0-day-threats integrating all this information
in the Altice Portugal MISP. During the project, existing information sources were evaluated and
new sources of vulnerabilities, exploits, and malware were explored, comparing the data with the
company’s internal knowledge to assess the relevance of these threats. Threats identified as zeroday are stored in MISP, allowing for better management and sharing of information about cyber
threats. Additionally, the project aims to obtain information that could compromise the company’s
assets, integrating indicators of compromise (IOCs) into QRadar and Graylog, thereby improving
the ability to monitor and respond quickly to threats.
Furthermore, a detailed asset inventory was conducted at the application level, gathering information about applications running on the company’s servers and PCs.
With the new system, there was an anticipation in obtaining information about zero-day threats,
and threats were identified that, even after a month, had still not been adequately described by internal correlation sources.
Descrição
Trabalho de projeto de mestrado, Engenharia Informática, 2024, Universidade de Lisboa, Faculdade de Ciências
Palavras-chave
Vulnerabilidades Threat Intelligence Dia-Zero Exploits Malware Trabalhos de projeto de mestrado - 2024