Upgrade to Pro — share decks privately, control downloads, hide ads and more …

CloudTailをAzure Sentinelで 分析するということ

fnifni
May 20, 2021
Technology
1
180

CloudTailをAzure Sentinelで 分析するということ

Security JAWS #21で登壇したセッション資料です

fnifni

May 20, 2021
Tweet

More Decks by fnifni

See All by fnifni
生成AIのガバナンスとこれから
fnifni
0
76
AWS re:Inforce 2024 に コミュニティから登壇してきた話
fnifni
0
18
COM224: How organizations are actually applying AWS security best practices
fnifni
0
22
BsidesTokyo2024_AWSセキュリティの ベストプラクティスに関する 利用実態調査のレポートの紹介
fnifni
0
20
re:Inforce2024-recap_英語力ゴミカスでもフル英語登壇を乗り切る成功メソッド
fnifni
0
92
信頼ルールはGoogle Drive共有の孫の手になるか?
fnifni
0
160
ゼロトラスト導入支援ってどんなことやってるの?
fnifni
0
47
ログの話
fnifni
0
55
re:Inforce 2021 ReCap
fnifni
0
180

Other Decks in Technology

See All in Technology
たった1人からはじめる【Agile Community of Practice】~ソース原理とFearless Changeを添えて~
ktc_corporate_it
1
200
突撃! 隣のAmazon Bedrockユーザー 〜YouはどうしてAWSで?〜
minorun365
PRO
3
330
Developer Experienceを向上させる基盤づくりの取り組み事例集
coconala_engineer
0
120
ビジネスとエンジニアリングを繋ぐプロダクトを中心とした組織づくりの実践
sansantech
PRO
1
170
音声AIエージェントの世界とRetell AI入門 / Introduction to the World of Voice AI Agents and Retell AI
rkaga
5
920
Oracle Exadata Database Service(Dedicated Infrastructure):サービス概要のご紹介
oracle4engineer
PRO
0
9.5k
20240906_JAWS_Yamanashi_#1_leap_beyond_the_AWS_all_certifications
tsumita
1
280
リアルお遍路+SORACOM IoT
ozk009
1
120
エンジニア視点で見る、
組織で運用されるデザインシステムにするには
shunya078
1
300
Fediverse Discovery Providers overview
andypiper
0
150
CRTO/CRTL/OSEPの比較・勉強法とAV/EDRの検知実験
chayakonanaika
1
1.1k
Google CloudのLLM活用の選択肢を広げるVertex AIのパートナーモデル
nayuts
0
110

Featured

See All Featured
Six Lessons from altMBA
skipperchong
26
3.3k
What's in a price? How to price your products and services
michaelherold
242
11k
Code Reviewing Like a Champion
maltzj
518
39k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
109
6.9k
Agile that works and the tools we love
rasmusluckow
327
20k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
157
15k
A Tale of Four Properties
chriscoyier
155
22k
The Invisible Customer
myddelton
119
13k
Side Projects
sachag
451
42k
Principles of Awesome APIs and How to Build Them.
keavy
125
16k
Typedesign – Prime Four
hannesfritz
39
2.3k
Web development in the modern age
philhawksworth
204
10k

Transcript

  1. It means analyzing CloudTail with Azure Sentinel. A little bit

    of the depths of log analysis in the cloud. By Hirokazu Yoshida / At S-JAWS#21 / 2021.05.19

  2. CloudTailΛAzure SentinelͰ ෼ੳ͢Δͱ͍͏͜ͱ Ϋϥ΢υʹ͓͚Δϩά෼ੳͷਂ෵Λ΄Μͷগ͠ ٢ాͻΖ͔ͣ / S-JAWS#21 / 2021.05.19

  3. Who am I !? Hirokazu Yoshida @ CloudNative Inc. Job

    : Security Engineer Community : Security-JAWS Favorite AWS Service :

  4. Attention !! • ຊηογϣϯ͸ɺݸਓͷݟղʹجͮ͘΋ͷͰ͢ • ॴଐ͢ΔاۀɺஂମͷҙݟΛ୅ද͢Δ΋ͷͰ͸͋Γ·ͤΜ • Azure Sentinelࣗମͷࡉ͔͍આ໌͸͠·ͤΜ •

    ΍΍ܹࢗతͳදݱ΍ԋग़͕͋Γ·͕͢ɺ͓ؾָʹฉ͍͍ͯͩ͘͞

  5. ॳΊʹݴ͓͖ͬͯ·͢ͱ

  6. ϩάΛ෼ੳ͢Δ͚ͩͳΒ ޷͖ͳπʔϧΛ࢖͏ͱ͍͍Ͱ͢

  7. ͳͥͳΒ͹

  8. ෼ੳ͢Δ໨తʹΑͬͯ ѻ͏ਓ΍ର৅ϩάɺඞཁͳػೳ͕ ҟͳΔ͔Β

  9. ͦΜͳதͰ Θ͟Θ͟Azure SentinelΛ ҾͬுΓग़͢࿩Λ͠·͢

  10. Today's Souvenir • ୭͕ԿͷͨΊʹϩά෼ੳͯ͠ɺԿΛಘΒΕΕ͹Α͔ͬͨͷʁ 
 ʹཱͪฦΔΩοΧέ • ͻΐͬͱͨ͠ΒनΘΕ͍ͯΔݻఆ؍೦ͷଧഁͷख͕͔Γ • ͓ֆ͔͖͕ಘҙͳਓʹͪΐͬͱͨ͠ؾ͖ͮ

  11. AWSͷϩάͬͯ ͲΜͳͷ͕͚͋ͬͨͬʁ

  12. What are AWS logs? • CloudTrail • Con fi gมߋཤྺϩά

    • ELBܥΞΫηεϩά • CloudFrontඪ४ϩά • AWS WAFτϥϑΟοΫϩά • S3αʔόʔΞΫηεϩά • CloudWatch Logsʹྲྀͨ͠΋ͷ • RDS DBϩά, VPC Flow Logs, ECS(k8s) 
 Fargate, Lambda, FileGateway etc… • Security Hub Findings • GuardDuty, Inspector, Macie, 
 Firewall Manager, Systems Manager, 
 IAM Access Analyzer

  13. Today's Scope • CloudTrail • Con fi gมߋཤྺϩά • ELBܥΞΫηεϩά

    • CloudFrontඪ४ϩά • AWS WAFτϥϑΟοΫϩά • S3αʔόʔΞΫηεϩά • CloudWatch Logsʹྲྀͨ͠΋ͷ • RDS DBϩά, VPC Flow Logs, ECS(k8s) 
 Fargate, Lambda, FileGateway etc… • Security Hub Findings • GuardDuty, Inspector, Macie, 
 Firewall Manager, Systems Manager, 
 IAM Access Analyzer

  14. ͜Ε͚ͩʁ

  15. ΍ͬͺɺϩά͸Ұݩ؅ཧ ҰͭͷγεςϜͰ෼ੳͰ͖ͳ͍ͱͶʂ

  16. Ͱ͸ɺ 
 AWSͷϩά͕໢ཏ͞Ε͍ͯΕ͹ ͍͍ΜͰ͚ͨͬ͠ʁ

  17. What is the scope of your business?

  18. Should I have only looked at the AWS logs? •

    Operations Cloud Hopper • MSPΛඪతͱͨ͠߈ܸΩϟϯϖʔϯ • ҰछͷαϓϥΠνΣʔϯ߈ܸ • ϚΠωοτάϧʔϓ͕ӡӦ͢ΔҰ෦ήʔϜλΠτϧͷαʔόʔো֐ͷ͓ ஌Βͤͱ͓࿳ͼ • Ϗδωενϟοτ্Ͱڞ༗͍ͯ͠Δ 
 ΞΫηε৘ใΛ౪ΈݟΒΕͨՄೳੑ

  19. ਖ਼نͷΞΫηε৘ใ/ܦ࿏Λ௨ͯ͡ ߈ܸ͕࢓ֻ͚ΒΕΔ࣌୅

  20. AWSͷϩά͚ͩݟ͍ͯΕ͹ ྑ͔ͬͨΜͰ͚ͨͬ͠ʁ

  21. ͦ΋ͦ΋୭͕ԿͷͨΊʹ ϩά෼ੳΛ͢Δͷ͔ʁ

  22. Motivation for log analysis • ؂ࢹʢ҆ఆՔಇ؍఺ʣ • αʔϏεՔಇঢ়گ؂ࢹ • ো֐ௐࠪ

    • αʔϏεར༻ʢϏδωε؍఺ʣ • αʔϏεར༻܏޲ͷ೺Ѳ • ௥੻ௐࠪʢηΩϡϦςΟ؍఺ʣ • αʔϏεෆਖ਼ར༻ͷ௥੻ • ֎෦͔Βͷ߈ܸͷ೺Ѳͱ௥੻ • ϩάΠϯঢ়گͷ௥੻ • ؅ཧऀૢ࡞ͷ೺Ѳͱ௥੻

  23. Motivation for log analysis • ؂ࢹʢ҆ఆՔಇ؍఺ʣ • αʔϏεՔಇঢ়گ؂ࢹ • ো֐ௐࠪ

    • αʔϏεར༻ʢϏδωε؍఺ʣ • αʔϏεར༻܏޲ͷ೺Ѳ • ௥੻ௐࠪʢηΩϡϦςΟ؍఺ʣ • αʔϏεෆਖ਼ར༻ͷ௥੻ • ֎෦͔Βͷ߈ܸͷ೺Ѳͱ௥੻ • ϩάΠϯঢ়گͷ௥੻ • ؅ཧऀૢ࡞ͷ೺Ѳͱ௥੻ αʔϏενʔϜɺϏδωεΦʔφʔ αʔϏενʔϜɺӡ༻อकνʔϜ αʔϏενʔϜɺηΩϡϦςΟνʔϜ ηΩϡϦςΟνʔϜ αʔϏενʔϜ

  24. Motivation for log analysis • ؂ࢹʢ҆ఆՔಇ؍఺ʣ • αʔϏεՔಇঢ়گ؂ࢹ • ো֐ௐࠪ

    • αʔϏεར༻ʢϏδωε؍఺ʣ • αʔϏεར༻܏޲ͷ೺Ѳ • ௥੻ௐࠪʢηΩϡϦςΟ؍఺ʣ • αʔϏεෆਖ਼ར༻ͷ௥੻ • ֎෦͔Βͷ߈ܸͷ೺Ѳͱ௥੻ • ϩάΠϯঢ়گͷ௥੻ • ؅ཧऀૢ࡞ͷ೺Ѳͱ௥੻ ͚ͩ͜͜είʔϓ͕"84಺ʹऩ·Βͳ͍ ଟ͕͘"84಺ʹऩ·Δ

  25. What is the scope of your business? (Repost)

  26. ΍ͬͺɺϩά͸Ұݩ؅ཧ ҰͭͷγεςϜͰ෼ੳͰ͖ͳ͍ͱͶʂ ʢ࠶ܝʣ

  27. ʮҰͭͷγεςϜʯͰ Ͱ͖Δʹӽͨ͜͠ͱ͸ͳ͍͕ റΒΕΔඞཁ͸ͳ͍

  28. ͳͥͳΒ͹

  29. ෼ੳ͢Δ໨తʹΑͬͯ ѻ͏ਓ΍ର৅ϩάɺඞཁͳػೳ͕ ҟͳΔ͔Β ʢ࠶ܝʣ

  30. ࣗ਎ͷϏδωε؀ڥͱ༻్ʹଇͨ͠ ϩά෼ੳج൫͕ඞཁ

  31. Attention ! • ͜͜·Ͱͷ࿩͸ແடংͳπʔϧͷཚཱΛਪ঑͢Δ࿦Ͱ͸͋Γ·ͤΜ • ϩά෼ੳʹ͸໨తͱܭըʹجͮ͘෼ੳج൫ͷҡ࣋ͱ૊৫ମ੍͕͋ͬͯ ॳΊͯ੒Γཱͭ΋ͷͰ͢ • ϩά΍෼ੳج൫΁ͷΞΫηείϯτϩʔϧ΍ݪຊ؅ཧͳͲʹ΋஫ҙΛ ෷͏ඞཁ͕͋Γ·͢

    • NIST SP800-92ʮίϯϐϡʔληΩϡϦςΟϩά؅ཧΨΠυʯࢀর 
 https://www.ipa.go.jp/ fi les/000025363.pdf

  32. ͦΜͳΘ͚Ͱ Azure Sentinelͷ঺հ

  33. What is Azure Sentinel ? • CloudܕSIEM • ෼ੳɺՄࢹԽɺࣗಈԽͷػೳ •

    ๛෋ͳࣄલఆٛͷςϯϓϨʔτ • ςϯϓϨʔτͷࣗಈ௥Ճ • Kusto Query Language • Azure؀ڥͱͷߴ͍਌࿨ੑ • ๛෋ͳίωΫλ • APIͷ༻ҙ • ϩάྲྀೖྔͱอଘظؒͰ՝ۚ • ಛผͳϥΠηϯεෆཁ

  34. Advantages of Azure Sentinel • ্ཱͪ͛ʹ͔͔Δ޻਺͕গͳ͍ • αϒεΫϦϓγϣϯΛ࡞ͬͯɺ਺ΫϦοΫͰΦϯϘʔυ • AWSͱͷ઀ଓ͸ɺIAMϙϦγʔͱIAMϩʔϧͷઃఆͷΈ

    • AWSCloudTrailReadOnlyAccess • ઃఆޙɺ20෼͘Β͍Ͱσʔλ͕ྲྀΕͯ͘Δ IUUQTEPDTNJDSPTPGUDPNKBKQB[VSFTFOUJOFMDPOOFDUBXT IUUQTEPDTNJDSPTPGUDPNKBKQB[VSFTFOUJOFMRVJDLTUBSUPOCPBSE

  35. Advantages of Azure Sentinel • ࣄલఆٛͷ෼ੳςϯϓϨʔτʢCSPMతͳ΍ͭฤʣ • Login to AWS

    Management Console without MFA • Changes made to AWS CloudTrail logs • Changes to internet facing AWS RDS Database instances • Changes to AWS Elastic Load Balancer security groups • Changes to AWS Security Group ingress and egress settings • Changes to Amazon VPC settings

  36. Advantages of Azure Sentinel • ࣄલఆٛͷ෼ੳςϯϓϨʔτʢෆ৹ͳڍಈͳ΍ͭฤʣ • Failed AWS Console

    logons but success logon to AzureAD • Failed AzureAD logons but success logon to AWS Console • Monitor AWS Credential abuse or hijacking • ࣄલఆٛͷ෼ੳςϯϓϨʔτʢڴҖΠϯςϦδΣϯεͱ࿈ܞฤʣ • (Preview) TI map IP entity to AWSCloudTrail

  37. Advantages of Azure Sentinel • MITER ATT&CKͷ֤ઓज़ʹجͮ͘ࣄલఆٛͷϋϯςΟϯάΫΤϦʔ

  38. Query Example • Changes to Amazon VPC settings $IBOHFTUP"NB[PO71$TFUUJOHT MFU&WFOU/BNF-JTU

    EZOBNJD <$SFBUF/FUXPSL"DM&OUSZ $SFBUF3PVUF $SFBUF3PVUF5BCMF $SFBUF*OUFSOFU(BUFXBZ $SFBUF/B U(BUFXBZ>  "84$MPVE5SBJM cXIFSF&WFOU/BNFJOd &WFOU/BNF-JTU  cTVNNBSJ[F4UBSU5JNF6UDNJO 5JNF(FOFSBUFE &OE5JNF6UDNBY 5JNF(FOFSBUFE CZ&WFOU/BNF  &WFOU5ZQF/BNF 6TFS*EFOUJUZ"DDPVOU*E 6TFS*EFOUJUZ1SJODJQBMJE 6TFS"HFOU  6TFS*EFOUJUZ6TFS/BNF 4FTTJPO.GB"VUIFOUJDBUFE 4PVSDF*Q"EESFTT "843FHJPO &WFOU4PVSDF  "EEJUJPOBM&WFOU%BUB 3FTQPOTF&MFNFOUT cFYUFOEUJNFTUBNQ4UBSU5JNF6UD "DDPVOU$VTUPN&OUJUZ6TFS*EFOUJUZ6TFS/BNF *1$VTUPN&OUJUZ 4PVSDF*Q"EESFTT

  39. Query Example • Exploit and Pentest Framework 
 User Agent

    MFUUJNFGSBNFE MFU6TFS"HFOU-JTU*OUFSOFU&YQMPSFSc.P[JMMBaaaa DPNQBUJCMF.4*&aa8JOEPXT/5aa47*OGP1BUIaaa a c.P[JMMBaaaa 8JOEPXT/5aa8JOYSWaaa a c.P[JMMBaaaa DPNQBUJCMF.FUBTQMPJU341&$aa c.P[JMMBa aaa DPNQBUJCMF.4*&aa8JOEPXT/5aa c.P[JMMBaaaa DPNQBUJCMF.4*&aa8JOEPXT/5aaaa c.P[JMMBaaaa DPNQBUJCMF.4*&aa8JOEPXT/5aa5SJEFOUaaaa c 
 தུ 
 DPNQBUJCMF.4*&aa8JOEPXT/5aa8085SJEFOU aa.""6aa c.P[JMMBaa<?aaT>c.P[JMMBaaaa DPNQBUJCMF 41*1&aac.P[JMMBaaaa 8JOEPXT/5aaSWaaaa  (FDLP'JSFGPYaac4BNFUJNF$PNNVOJUZ "HFOUc9'038"3%&%'03c%PU%PU1XOWaac4*1%30*%c XPSEQSFTTIBTIHSBCCFScFYQMPJUcPLIUUQ MFU&YDMVEF**4PLIUUQ VOJPOJTGV[[ZUSVF 0 ff i DF"DUJWJUZ cதུ   8$**4-PH cதུ   "84$MPVE5SBJM cXIFSF5JNF(FOFSBUFEBHP UJNFGSBNF  cXIFSF6TFS"HFOUNBUDIFTSFHFY6TFS"HFOU-JTU cFYUFOE4PVSDF*14PVSDF*Q"EESFTT cQSPKFDU5JNF(FOFSBUFE 5ZQF 6TFS"HFOU 4PVSDF*1  cTVNNBSJ[FNJO 5JNF(FOFSBUFE NBY 5JNF(FOFSBUFE  DPVOU CZ5ZQF 6TFS"HFOU 4PVSDF*1 cFYUFOEUJNFTUBNQNJO@5JNF(FOFSBUFE  *1$VTUPN&OUJUZ4PVSDF*1

  40. ͙͢ʹ࢖͑ΔࣄલఆٛςϯϓϨʔτ ΫΤϦʔͷॻ͖ํ΋ࢀߟʹͳΔ

  41. Advantages of Azure Sentinel • ࣄલఆٛͷՄࢹԽςϯϓϨʔτʢAWS Network Activitiesʣ

  42. Advantages of Azure Sentinel • ࣄલఆٛͷՄࢹԽςϯϓϨʔτʢAWS Network Activitiesʣ

  43. Advantages of Azure Sentinel • ࣄલఆٛͷՄࢹԽςϯϓϨʔτʢAWS Network Activitiesʣ

  44. Advantages of Azure Sentinel • ࣄલఆٛͷՄࢹԽςϯϓϨʔτʢAWS User Activitiesʣ

  45. Advantages of Azure Sentinel • ࣄલఆٛͷՄࢹԽςϯϓϨʔτʢAWS User Activitiesʣ

  46. Advantages of Azure Sentinel • ՄࢹԽͷ࣮ଶ͸ΫΤϦʔ / ՄࢹԽܗଶ΋બ୒ੑ

  47. ࣄલఆٛςϯϓϨʔτΛࢀߟʹ ඞཁͳՄࢹԽςϯϓϨʔτΛ࡞੒

  48. Advantages of Azure Sentinel • ࣗಈԽ͸Logic AppΛ༻͍ͯϩʔίʔυͰ࣮૷ IUUQTXXXGOJGOJOFUB[VSFTFOUJOFMMPHJDBQQ

  49. Advantages of Azure Sentinel • Ԡ༻͢Ε͹͜ͷΑ͏ͳ͜ͱ΋ IUUQTXXXGOJGOJOFUB[VSFTFOUJOFMJOUFSBDUJWF

  50. ϩά͸ੜ͖෺ ؀ڥಛ༗ͷݸੑʹԠͨ͡ ࣗಈԽͷ࡞ΓࠐΈ͕ඞཁ

  51. Advantages of Azure Sentinel • Ξϥʔτͷ૬ؔ΋IPΞυϨε΍Ϣʔβʔ໊ͳͲଟ༷ͳΩʔʹ 
 ࣗಈඥ෇͚Մೳ

  52. Advantages of Azure Sentinel • Ϣʔβʔ΍ΤϯςΟςΟ 
 ʹجͮ͘ߦಈ෼ੳ 
 (UEBA)

  53. Advantages of Azure Sentinel • ๛෋ͳίωΫλͰ૬ؔ෼ੳ։࢝·Ͱͷ্ཱ͕ͪΓΛαϙʔτ

  54. ਺ΫϦοΫͰܨ͗͜Έʂ ͱ͍͏Θ͚ʹ͸ߦ͔ͳ͍͕ ܨ͗͜Ή૭ޱ͸ଟ਺༻ҙ͞Ε͍ͯΔ

  55. ͱɺ·͋ ܨ͗͜Έͱ૬ؔ෼ੳͷ؍఺͔Β ༗ྗͳબ୒ࢶͱͳΔΘ͚Ͱ͢

  56. ΍ͬͯΈΔͱΘ͔Δ Ϋϥ΢υͰ(ͷ)ϩάΛѻ͏ͱ͍͏ ຊ࣭తͳ௧Έ

  57. The intrinsic pain of trying. • ϩάͷΤΫεϙʔτʢ௕ظอ؅ʣ • ௕ظอ؅ઌ͔Βͷ࠶෼ੳ •

    Ϋϥ΢υͷϩά͸ʮ݁Ռ੔߹ੑʯ

  58. The intrinsic pain of trying. • ϩάͷΤΫεϙʔτʢ௕ظอ؅ʣ • Azure Sentinelࣗମͷϩάอଘظؒ͸࠷େ23ϲ݄(90೔Ҏ্՝ۚ)

    • ௕ظอ؅ͷͨΊͷΤΫεϙʔτػೳ͸ɺҰ෦ϩάͷΈαϙʔτ • APIΛ༻͍ͯΤΫεϙʔτ͢Δػߏͷ࡞ΓࠐΈ͕ඞཁ • APIίʔϧϦϛοτɺಥ೗ݱΕΔ429Τϥʔ • ΫΤϦʔԠ౴্ݶʹҾ͔͔ͬΔͱσʔλ͕Ϳͭ੾ΓʹͳΔ

  59. The intrinsic pain of trying. • ௕ظอ؅ઌ͔Βͷ࠶෼ੳ • Azure Sentinelʹॻ͖໭ͯ͠࠶෼ੳ

    • 1ϲ݄෼ͷσʔλͷॻ͖໭͠Ͱ48࣌ؒOver • ཱͪ;͕͞ΔAPIίʔϧϦϛοτɺಥ೗ݱΕΔ429Τϥʔ • ௕ظอଘઌͰ௚઀෼ੳͰ͖ͳ͍ͱ͠ΜͲ͍ • Data Explorer͸ߴֹɻɻɻ

  60. Ώʔͯɺ2೥Ҏ্લͷϩάΛ ૬ؔ෼ੳ͢ΔϢʔεέʔεͳΜͯ ͋Δͷ͔ʁ

  61. The intrinsic pain of trying. • Ϋϥ΢υͷϩά͸ʮ݁Ռ੔߹ੑʯ • ϩά͸ૢ࡞͕ߦΘΕ͔ͯΒ͙͢ʹಡΈऔΓՄೳʹ͸ͳΒͳ͍ •

    CloudTrail͸ɺ8-12෼ఔ౓ͷܦ͔ͬͯΒࢀরՄೳ • CloudTrail -> Azure Sentinel͸ɺ໿20෼લͷϩά͕౸ண • σʔλιʔεʹΑͬͯ·ͪ·ͪɻଈ࣌Ξϥʔτ͸ແཧے IUUQTUFDIDPNNVOJUZNJDSPTPGUDPNUB[VSFTFOUJOFMIBOEMJOH JOHFTUJPOEFMBZJOB[VSFTFOUJOFMTDIFEVMFEBMFSUSVMFTCBQ

  62. ୹ؾ͸ଛؾ Ϋϥ΢υͷϩάΛ૬ؔ෼ੳ͢Δࡍ͸ ͋Δఔ౓ͷ࣌ؒͷ෯Λ࣋ͨͤΔ͜ͱ

  63. Conclusion • ϩά෼ੳͷπʔϧ͸ɺ࢖͏ਓͱ༻్ʹԠͯ͡దࡐదॴ • ༷ʑͳϏδωεϓϥοτϑΥʔϜΛލΔ૬ؔ෼ੳʹ͸ɺ 
 Azure Sentinel͸༗ྗͳબ୒ࢶ • Azure

    Sentinel͸গͳ͍޻਺Ͱ্ཱ͕ͪΓɺεϞʔϧελʔτʹ࠷ద • Ϋϥ΢υͷಛੑΛߟྀͨ࣌ؒ͠ઃఆ΍औΓѻ͍ͷߟྀ͕ඞཁ

  64. Resource • Operation Cloud HopperʢΫϥ΢υϗούʔ࡞ઓʣ • https://www.pwc.com/jp/ja/knowledge/thoughtleadership/ operation-cloud-hopper.html • ϚΠωοτࣾ౰ࣾαʔόʔ΁ͷෆਖ਼ΞΫηεʹؔ͢Δ࠷ऴใࠂॻ

    • https://mynet.co.jp/news/2018/05/11/info_0511/

  65. Thank you !