![](\"https:\/\/turkishnews.com.tr\/wp-content\/uploads\/2022\/12\/kaspersky-endustriyel-guvenlik-aciklarinin-tespiti-icin-yeni-veri-akisini-duyurdu-0-trmjVi9V.jpg\")
<\/p>\n<\/p>\n
Kaspersky, operasyonel teknoloji (OT) yaz\u0131l\u0131mlar\u0131ndaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n otomatik olarak alg\u0131lanabilmesi i\u00e7in makine taraf\u0131ndan okunabilen yeni Open Vulnerability and Assessment Language (OVAL) veri ak\u0131\u015f\u0131n\u0131 ba\u015flatt\u0131. Kaspersky Industrial OVAL Data Feed for Windows, Kaspersky uzmanlar\u0131 taraf\u0131ndan analiz edilen ve \u00e7ok say\u0131da g\u00fcncel kaynaktan beslenen en pop\u00fcler SCADA ve da\u011f\u0131t\u0131k kontrol sistemlerindeki (DCS) g\u00fcvenlik a\u00e7\u0131klar\u0131 hakk\u0131nda kapsaml\u0131 istihbarat verilerini ve sald\u0131r\u0131y\u0131 etkisiz k\u0131lmak i\u00e7in ihtiya\u00e7 duyulan k\u0131lavuzlar\u0131 sa\u011fl\u0131yor. Ak\u0131\u015f, OVAL standard\u0131n\u0131 destekleyen g\u00fcvenlik a\u00e7\u0131\u011f\u0131 y\u00f6netimi \u00e7\u00f6z\u00fcmleriyle entegrasyon i\u00e7in XML bi\u00e7iminde sunuluyor.<\/span><\/span><\/span><\/p>\n End\u00fcstriyel otomasyon yaz\u0131l\u0131m\u0131nda ke\u015ffedilen g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n say\u0131s\u0131 olduk\u00e7a fazla ve bu durum endi\u015fe yarat\u0131yor. \u00d6rne\u011fin Ulusal G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Veritaban\u0131 (National Vulnerability Database – NVD, <\/span>nvd.nist), otomasyon, \u00fcretim ve da\u011f\u0131t\u0131k kontrol sistemlerinde kullan\u0131lan pop\u00fcler yaz\u0131l\u0131mlardaki bilinen binlerce g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 ve \u00e7e\u015fitli end\u00fcstriyel yaz\u0131l\u0131mlardaki bilinen g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n pek \u00e7ok kayd\u0131n\u0131 i\u00e7eriyor. <\/span><\/span><\/span><\/p>\n Kaspersky Industrial OVAL Data Feed for Windows, \u00e7e\u015fitli g\u00fcvenlik ara\u00e7lar\u0131 ve hizmetleri aras\u0131nda g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bilgilerinin standardize aktar\u0131m\u0131na y\u00f6nelik OVAL spesifikasyonlar\u0131n\u0131 uyguluyor. B\u00f6ylece end\u00fcstriyel kurulu\u015flar\u0131n SCADA ve di\u011fer OT yaz\u0131l\u0131mlar\u0131n\u0131n g\u00fcvenlik a\u00e7\u0131\u011f\u0131 alg\u0131lama ve de\u011ferlendirme yeteneklerini geli\u015ftirmesine yard\u0131mc\u0131 oluyor.<\/span><\/span><\/span><\/p>\n \u00dcr\u00fcn, m\u00fc\u015fterinin end\u00fcstriyel g\u00fcvenlik a\u00e7\u0131\u011f\u0131 y\u00f6netimi \u00e7\u00f6z\u00fcm\u00fcne entegre edildi ve a\u00e7\u0131k kaynakl\u0131 OVAL yorumlay\u0131c\u0131lar\u0131yla kullan\u0131labiliyor. Alg\u0131lanan sorunlar hakk\u0131nda sa\u011flanan ayr\u0131nt\u0131l\u0131 bilgiler aras\u0131nda a\u00e7\u0131klamalar, etkilenen yaz\u0131l\u0131m\u0131n ad\u0131 ve s\u00fcr\u00fcm\u00fc, \u00f6nem derecesi puan\u0131 ve metrikleri (CVSS), ayr\u0131ca engellemeye dair \u00f6nlemler yer al\u0131yor. Siemens, Schneider Electric, Yokogawa, Emerson gibi d\u00fcnyan\u0131n \u00f6nde gelen sat\u0131c\u0131lar\u0131n\u0131 kapsayan ak\u0131\u015f\u0131n kapsam\u0131 Kaspersky m\u00fc\u015fterilerinin ihtiya\u00e7lar\u0131na g\u00f6re geni\u015fletilecek.<\/span><\/span><\/span><\/p>\n Kaspersky ICS CERT uzmanlar\u0131, MITRE, Ulusal g\u00fcvenlik a\u00e7\u0131\u011f\u0131 veritaban\u0131 (NVD), US-CERT, \u00fcr\u00fcn sa\u011flay\u0131c\u0131lar\u0131 ve topluluklar gibi \u00fc\u00e7\u00fcnc\u00fc parti kaynaklar\u0131 s\u00fcrekli izleyerek ve ayn\u0131 zamanda kendi ara\u015ft\u0131rmalar\u0131n\u0131 y\u00fcr\u00fcterek veri topluyor ve g\u00fcvenlik a\u00e7\u0131klar\u0131 hakk\u0131nda istihbarat olu\u015fturuyor. Ard\u0131ndan t\u00fcm veriler ekip taraf\u0131ndan dikkatlice g\u00f6zden ge\u00e7iriliyor ve do\u011fru tespit ve de\u011ferlendirmeyi etkileyebilecek olas\u0131 hatalara kar\u015f\u0131 test ediliyor. G\u00fcvenlik a\u00e7\u0131klar\u0131 i\u00e7in sa\u011flanan \u00f6nlemler, OT tehdit korumas\u0131 konusundaki kapsaml\u0131 deneyimlere ve SCADA sat\u0131c\u0131lar\u0131n\u0131n tavsiyelerine dayan\u0131yor.<\/span><\/span><\/span><\/p>\n Kaspersky ICS CERT \u00dcr\u00fcnleri Ba\u015fkan\u0131 Mikhail Berezin<\/strong>, \u015funlar\u0131 s\u00f6yl\u00fcyor: \u201cOVAL standard\u0131, bilinen yaz\u0131l\u0131mlar i\u00e7in g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 veya uygun sistem yap\u0131land\u0131rmalar\u0131n\u0131 tan\u0131mlamak \u00fczere aktif olarak kullan\u0131l\u0131yor. Ancak, end\u00fcstriyel kontrol sistemlerinde kullan\u0131lan yaz\u0131l\u0131mlar i\u00e7in piyasada kapsaml\u0131 ve y\u00fcksek kaliteli bir OVAL veri kayna\u011f\u0131 bulunmuyor. Yeni veri ak\u0131\u015f\u0131 bu bo\u015flu\u011fu dolduruyor ve ICS ile ilgili yaz\u0131l\u0131mlar i\u00e7in gerekli kapsam\u0131 sa\u011fl\u0131yor. Bu yakla\u015f\u0131m end\u00fcstriyel kurulu\u015flar\u0131n etkinli\u011fini art\u0131r\u0131rken otomatikle\u015ftirilmi\u015f g\u00fcvenlik a\u00e7\u0131\u011f\u0131 de\u011ferlendirmesi s\u00fcrecinin geli\u015fmesine yard\u0131mc\u0131 olacakt\u0131r. Bunu m\u00fc\u015fterilerimizle yapt\u0131\u011f\u0131m\u0131z projelerde kan\u0131tlamaktan mutluluk duyuyoruz.”<\/em><\/span><\/span><\/span><\/p>\n Kaynak: (BYZHA) – Beyaz Haber Ajans\u0131<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" Kaspersky, operasyonel teknoloji (OT) yaz\u0131l\u0131mlar\u0131ndaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n otomatik olarak alg\u0131lanabilmesi i\u00e7in makine taraf\u0131ndan okunabilen yeni Open Vulnerability and Assessment Language (OVAL) veri ak\u0131\u015f\u0131n\u0131 ba\u015flatt\u0131. Kaspersky Industrial OVAL Data Feed for Windows, Kaspersky uzmanlar\u0131 taraf\u0131ndan analiz edilen ve \u00e7ok say\u0131da g\u00fcncel kaynaktan beslenen en pop\u00fcler SCADA ve da\u011f\u0131t\u0131k kontrol sistemlerindeki (DCS) g\u00fcvenlik a\u00e7\u0131klar\u0131 hakk\u0131nda kapsaml\u0131 istihbarat verilerini ve sald\u0131r\u0131y\u0131 etkisiz k\u0131lmak i\u00e7in ihtiya\u00e7 duyulan k\u0131lavuzlar\u0131 sa\u011fl\u0131yor.<\/p>\n","protected":false},"author":1,"featured_media":7274,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false},"categories":[45],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/7273"}],"collection":[{"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7273"}],"version-history":[{"count":1,"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/7273\/revisions"}],"predecessor-version":[{"id":7276,"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/7273\/revisions\/7276"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=\/wp\/v2\/media\/7274"}],"wp:attachment":[{"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/turkishnews.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}