wazuh学习和部署-爱代码爱编程
#####################################################
Security information management (安全信息管理)
Security Events 安全事件
Integrity Monitoring 完整性监控
inventory data 配置数据
Auditing and Policy Monitoring (审计和策略监控)
Policy Monitoring 策略监控
System Auditing 系统审计
Security configuration assessment 安全配置评估
Threat detection and response (威胁检测和响应)
Vulnerabilities 漏洞
----Discover what applications in your environment are affected By well-know vulnerabilities.
MITRE ATT&CK MITRE 攻击框架
----security events from the knowledge base of adversary tactics and techniques based on real-world observations
(对抗策略和技术知识库中的安全事件(基于真实世界的观察))
参考 https://attack.mitre.org/matrices/enterprise/
Regulatory Compliance (法律合规性)
PCI DSS (Payment Card Industry (PCI) Data Security Standard) 支付行业数据安全标准
GDPR (General Data Protection Regulation) 通用数据保护条例 欧盟发布的标准
HIPAA (Health Insurance Portability and Accountability Act) 健康保险隐私及责任法案
NIST 800-53 (The National Institute of Standards and Technology) 美国国家标准技术研究院 美国国家标准技术研究院特殊出版物800-53
TSC/SOC (Trust Services Criteria )信任服务标准
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。 本文链接: https://blog.csdn.net/zq315749330/article/details/110994806