{"id":273,"date":"2007-10-19T09:24:12","date_gmt":"2007-10-19T12:24:12","guid":{"rendered":"http:\/\/talsoft.com.ar\/weblog\/?p=273"},"modified":"2007-10-19T09:24:12","modified_gmt":"2007-10-19T12:24:12","slug":"guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas","status":"publish","type":"post","link":"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/","title":{"rendered":"Gu\u00c3\u00ada US-CERT para la prevenci\u00c3\u00b3n y detecci\u00c3\u00b3n de amenazas internas"},"content":{"rendered":"

Las empresas y usuarios particulares invierten, y muchas veces dilapidan, grandes partidas presupuestarias para protegerse de las amenazas externas. Firewalls, IDS, IPS, antivirus, defensas perimetrales, test de penetraci\u00c3\u00b3n \u00e2\u20ac\u00a6 la cantidad de productos y servicios pensados para protegernos de puertas hacia afuera es infinita.<\/p>\n

Pero, \u00c2\u00bfqu\u00c3\u00a9 pasa con las amenazas que vienen desde dentro del per\u00c3\u00admetro? Ah\u00c3\u00ad es donde muchas de las medidas fallan, porque para encontrar amenazas internas y remediarlas no basta con colocar un producto, o hacer un repaso de las vulnerabilidades de las m\u00c3\u00a1quinas. Si pensamos que con eso hemos mitigado los riesgos, nos estamos equivocando y severamente.<\/p>\n

Las amenazas internas se diferencian de las externas en algo muy intuitivo, pero en lo que no siempre pensamos: el atacante interno conoce la organizaci\u00c3\u00b3n y la infraestructura. No le hace falta enumerar servicios en puertos a la escucha, porque sabe qu\u00c3\u00a9 corre en cada m\u00c3\u00a1quina. No le hace falta hacer evasiones en IDS\/IPS, porque est\u00c3\u00a1 en un segmento de la red que no registra actividades inusuales. En definitiva, no tiene que hacer una intrusi\u00c3\u00b3n, porque ya est\u00c3\u00a1 dentro, y generalmente tendr\u00c3\u00a1 acceso a cosas que un atacante externo nunca ver\u00c3\u00a1, ya sea un mainframe, un sistema distribu\u00c3\u00addo o cualquier otro aplicativo que corra en segmentos filtrados al exterior.<\/p>\n

La mejor defensa para poder detectar y pevenir las amenazas internas es la concienciaci\u00c3\u00b3n y la aplicaci\u00c3\u00b3n del menos com\u00c3\u00ban de los sentidos, el sentido com\u00c3\u00ban. Al hilo de este argumento, os enlazo el paper Common Sense Guide to Prevention and Detection of Insider Threats, publicado por el US-CERT (United States Computer Emergency Readiness Team) en el que se trata con acierto y sencillez este grave problema al que se enfrentan las organizaciones.
\nFuente: http:\/\/www.sahw.com\/wp\/<\/a><\/p>\n

Link :Common Sense Guide to Prevention and Detection of Insider Threats<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Las empresas y usuarios particulares invierten, y muchas veces dilapidan, grandes partidas presupuestarias para protegerse de las amenazas externas. Firewalls, IDS, IPS, antivirus, defensas perimetrales, test de penetraci\u00c3\u00b3n \u00e2\u20ac\u00a6 la cantidad de productos y servicios pensados para protegernos de puertas hacia afuera es infinita. Pero, \u00c2\u00bfqu\u00c3\u00a9 pasa con las amenazas que vienen desde dentro del […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-273","post","type-post","status-publish","format-standard","hentry","category-profesional"],"yoast_head":"\nTalSoft - Seguridad Inform\u00e1tica Empresarial - Gu\u00c3\u00ada US-CERT para la prevenci\u00c3\u00b3n y detecci\u00c3\u00b3n de amenazas internas<\/title>\n<meta name=\"description\" content=\"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Leandro Ferrari\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/\"},\"author\":{\"name\":\"Leandro Ferrari\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8\"},\"headline\":\"Gu\u00c3\u00ada US-CERT para la prevenci\u00c3\u00b3n y detecci\u00c3\u00b3n de amenazas internas\",\"datePublished\":\"2007-10-19T12:24:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/\"},\"wordCount\":324,\"publisher\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\"},\"articleSection\":[\"Profesional\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/\",\"name\":\"TalSoft - Seguridad Inform\u00e1tica Empresarial - Gu\u00c3\u00ada US-CERT para la prevenci\u00c3\u00b3n y detecci\u00c3\u00b3n de amenazas internas\",\"isPartOf\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#website\"},\"datePublished\":\"2007-10-19T12:24:12+00:00\",\"description\":\"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.\",\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#website\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/\",\"name\":\"TalSoft TS - Services IT Security\",\"description\":\"Talsoft is transforming awareness, control and decision-making power so that companies can protect their critical and confidential information from computer attacks.\",\"publisher\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.talsoft-security.com\/site\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\",\"name\":\"Talsoft TS\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png\",\"contentUrl\":\"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png\",\"width\":270,\"height\":125,\"caption\":\"Talsoft TS\"},\"image\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"http:\/\/www.facebook.com\/talsoftsrl\",\"https:\/\/x.com\/talsoft\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8\",\"name\":\"Leandro Ferrari\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g\",\"caption\":\"Leandro Ferrari\"},\"sameAs\":[\"http:\/\/www.talsoft.com.ar\",\"https:\/\/www.facebook.com\/talsoftsrl\/\",\"https:\/\/x.com\/avatar_leandro\"],\"url\":\"https:\/\/www.talsoft-security.com\/site\/author\/leandro\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TalSoft - Seguridad Inform\u00e1tica Empresarial - Gu\u00c3\u00ada US-CERT para la prevenci\u00c3\u00b3n y detecci\u00c3\u00b3n de amenazas internas","description":"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/","twitter_misc":{"Written by":"Leandro Ferrari","Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/#article","isPartOf":{"@id":"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/"},"author":{"name":"Leandro Ferrari","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8"},"headline":"Gu\u00c3\u00ada US-CERT para la prevenci\u00c3\u00b3n y detecci\u00c3\u00b3n de amenazas internas","datePublished":"2007-10-19T12:24:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/"},"wordCount":324,"publisher":{"@id":"https:\/\/www.talsoft-security.com\/site\/#organization"},"articleSection":["Profesional"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/","url":"https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/","name":"TalSoft - Seguridad Inform\u00e1tica Empresarial - Gu\u00c3\u00ada US-CERT para la prevenci\u00c3\u00b3n y detecci\u00c3\u00b3n de amenazas internas","isPartOf":{"@id":"https:\/\/www.talsoft-security.com\/site\/#website"},"datePublished":"2007-10-19T12:24:12+00:00","description":"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.","inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.talsoft-security.com\/site\/guia-us-cert-para-la-prevencion-y-deteccion-de-amenazas-internas\/"]}]},{"@type":"WebSite","@id":"https:\/\/www.talsoft-security.com\/site\/#website","url":"https:\/\/www.talsoft-security.com\/site\/","name":"TalSoft TS - Services IT Security","description":"Talsoft is transforming awareness, control and decision-making power so that companies can protect their critical and confidential information from computer attacks.","publisher":{"@id":"https:\/\/www.talsoft-security.com\/site\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.talsoft-security.com\/site\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.talsoft-security.com\/site\/#organization","name":"Talsoft TS","url":"https:\/\/www.talsoft-security.com\/site\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/","url":"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png","contentUrl":"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png","width":270,"height":125,"caption":"Talsoft TS"},"image":{"@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/talsoftsrl","https:\/\/x.com\/talsoft"]},{"@type":"Person","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8","name":"Leandro Ferrari","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g","caption":"Leandro Ferrari"},"sameAs":["http:\/\/www.talsoft.com.ar","https:\/\/www.facebook.com\/talsoftsrl\/","https:\/\/x.com\/avatar_leandro"],"url":"https:\/\/www.talsoft-security.com\/site\/author\/leandro\/"}]}},"_links":{"self":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/comments?post=273"}],"version-history":[{"count":0,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/273\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/media?parent=273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/categories?post=273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/tags?post=273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}