产品的web主控端... 内⽹⽇志服务器 内⽹补丁服务器 内⽹各类OA,ERP,CRM,SRM,HR系统... 内⽹打印服务器 内⽹ MES 系统 内⽹虚拟化服务器 / 超融合平台 [Vmware ESX] 内⽹堡垒机... 内⽹运维,研发 部⻔员⼯的机器 内⽹路由,交换设备... 等等等... 针对以上的各种常规内⽹探测扫描,其实在流量上都会有⾮常清晰的表现 通过在⼀

proceeds the data • Put the data in • Fast to use • Can lose subtle contexts • Good for exploitation; not for exploration & change Sense-making Frameworks Sense-making framework - the data proceeds proceeds the framework • Capture the data • Patterns emerge from the data • Provides context and awareness • Good for non-trivial domainsObvious • Cause & Effect Relationships exist • Relationships Belief in past success makes one invulnerable to failure • It’s a cliff - don’t fall off - recovery is EXPENSIVE • Crisis will often cause the fall • Limit what is moved to Obvious; highly vulnerable

Enable working towards shared goals ii. See problems as they occur iii. Enable quick detection & recovery iv. Ensure features operate as intended and achieve organizational goals 2. Ch. 14 – Create Telemetry problem-solving. ii. Telemetry – An automated communications process by which measurements and other data are collected at remote points and are subsequently transmitted to receiving equipment for monitoring development. Operations don’t just monitor what’s up or down. ii. Modern Monitoring architecture 1. Data Collection at business logic, application, & environments layer a. Events, logs, & metrics b. Common

with our deployment pipeline iv. Integrate security with our telemetry for better detection and recovery v. Protect our deployment pipeline vi. Integrate our deployment activities with our change approval known vulnerabilities and consolidate multiple versions of the same library iii. 2014 Verizon PCI Data Breach Investigation Report – studies over 85K cardholder breaches. 10 vulnerabilities accounted environments with infrastructure-as-code and auto- scaling. Must create alternatives methods of providing the data to show auditors controls are in place and operating. 1. Work closely to identify the evidence needed

environment. Production failure rate: how often software fails during production. Mean-time to recovery: how long it takes applications in the production stage to recover from failure. Key Principles

small-medium-large as units for assigning story points. Over time, as the teams accumulate performance data, this iterative and incremental4 process improves accuracy in allocating points. Point values are typically is the contractor team of software developers, including software and security engineers, data specialists, testers, quality assurance, and configuration managers. Ideally these participants capability standpoint must also be flexible.22 Figure 13: Example of Requirements Documentation (Data Source: JCIDS Manual) 8.1.2 Aligning IT Box Requirements to Agile Development The IS ICD provides

Operations to improve outcomes 2. Ch. 9 – Create the Foundations of Our Deployment Pipeline a. Enterprise Data Warehouse program by Em Campbell-Pretty - $200M, All streams of work were significantly behind schedule Application code & dependencies 2. Environment scripts & creation tools 3. DB scripts and reference data 4. Containers 5. Automated tests 6. Project artifacts – documentation, procedures, etc. 7. Application Smoke testing our deployments – test connections to supporting services and systems, run sample data/transaction tests, fail deployment if needed 3. Ensure we maintain consistent environments – continually

environment and ensuring service levels are met v. Infosec – team responsible for securing systems and data vi. Release Managers – the people responsible for coordinating the production deployment processes PLANNING HORIZONS SHORT i. Act like a startup, strive to generate measurable improvement or actionable data within weeks f. RESERVE 20% OF CYCLES FOR NON-FUNCTIONAL REQUIREMENTS AND REDUCING TECHNICAL DEBT

and other version control tasks. As a distributed revision control system it is aimed at speed, data integrity, and support for distributed, non-linear workflows https://try.github.io/levels/1/challenges/1

3rd Party Application Installations  Route Adds – requires heightened security access  Database Data Script Execution  Load Balancer Node Disablement  OS and Security Patching  Requesting access