資源中心

如何在攻擊發生前掌握資安防禦與事件應變的能力？奧義智慧最新推出的 XCockpit 自動化威脅曝險管理平台，是我國經濟部選擇的解決方案之一。

奧義智慧最新發布的 EASM 白皮書深入解析了網路世界的快速演變，並揭示了新興技術帶來的數位資產風險。基於 Gartner 2022 年提出的 CTEM（持續威脅曝露管理）概念，本白皮書針對六大產業、八大風險類別、共計 233 項資安風險，進行了詳盡調查。藉由預視並量化企業的資安風險，提供具體的防禦策略建議。 立即下載，掌握動態數位安全的關鍵洞察，為您的企業制定系統化且能有效降低曝險風險的資安防護計劃。

奧義智慧研究團隊分析了 27 個臺灣上市公司、A 級政府機關和醫療衛生機構，總計調查了 46 個 AD Domains、1,057,000 個物件。透過實際場域的數據，這份報告佐證了現今 Active Directory 場域普遍存在的管理問題與安全隱患，例如：各種 AD 安全性問題（明文密碼、密碼破解、權限設定錯誤……）、企業使用上的設定錯誤等問題。讀者可透過這份報告提到的各種問題，審視自身場域是否存在相同的安全性問題，進一步檢視自身企業的強化計畫與管理政策是否完備。

本文將針對 Active Directory 在 IT 管理中的重要性、駭侵攻擊手法、常見安全措施進行介紹，並解析各個防禦方式的應用情境與有效性，幫助您更清楚應如何建立有效、確實的 AD 資安防禦措施，在資訊戰的猛烈砲火中，限縮網路邊界、開闢出一條安全之路。

奧義智慧科技研究團隊耗時 7 個月，深入研究台灣近 200 家上市櫃企業、重要政府單位及醫療機構。我們專注探討三個關鍵議題：企業外部曝險、內部 Active Directory (AD) 管理設定，以及紅藍隊演練評估，在白皮書中詳述各議題的重要性、風險原因、案例分析、技術手法與應對建議。

This threat report provides an analysis of the advanced persistent threat (APT) attacks that have occurred during the past two years on the semiconductor industry. Our research shows that the majority of these attacks were concentrated on the Taiwan semiconductor sector.

CraftCon Taiwan 奧義 AI 資安年會已於 7 月 12 日圓滿結束，為了讓參與的會眾能複習當日的精采議程，奧義智慧率先公開當日的議程簡報，歡迎下載！

Organizations are struggling to secure complex, changing hybrid cloud/on-premise environments, legacy and modern systems, cross-region operations, working from home employees, with high availability, compliance and ease-of-use requirements. Combined with trying to operate a multi-tiered SOC (Security Operations Center) and hire and retain hard-to-find security talent while facing a barrage of alerts and undetected attacks from ever-aggressive, persistent and sophisticated cyber threats and actors, makes true cyber security seem like an impossible dream to most organizations.

This report provides an analysis of the increasing adoption of effective MDR, AI, and Automation and indicates CyCraft can secure small, medium, and large orgs with its AI technology.

This report not only highlights some of the threats that have been targeting Taiwan and the adversarial techniques, tactics, and procedures these threats have employed but also views these threats in terms of the overall Taiwan cyber landscape.

The CyCarrier AIR platform was able to shorten the pre-acquisition cybersecurity investigation from several months to just a few days, reducing investigation time by over 99%.