Ensuring cybersecurity of enterprise information system endpoints based on Microsoft Defender Advanced Threat Protection

DOI: 10.31673/2409-7292.2021.033641

Authors

  • Т. Р. Коваль (Koval T. R.), State University of Telecommunications, Kyiv
  • Д. С. Смирнов (Smyrnov D. S.), State University of Telecommunications, Kyiv

Abstract

The paper analyzes the problem of cybersecurity of the corporate information system and defines the purpose and objectives of securing its endpoints. Existing technologies for endpoint cybersecurity in the corporate information system are analyzed. Methods and means of providing endpoint cybersecurity on the basis of Microsoft Defender Advanced Threat Protection are investigated. The purpose, main functions and composition of the Microsoft Defender Advanced Threat Protection platform are defined. Based on this research, the paper proposes a variant of the technology for securing the endpoints of the corporate information system, together with recommendations for its application in the enterprise.

Keywords: corporate information system, cybersecurity, endpoint.

Published

2021-11-28

Section

Articles