{"id":6571,"date":"2019-10-25T13:33:27","date_gmt":"2019-10-25T10:33:27","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=6571"},"modified":"2019-11-15T14:22:28","modified_gmt":"2019-11-15T11:22:28","slug":"open-tip","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/open-tip\/6571\/","title":{"rendered":"Threat Intelligence Portal: We need to go deeper"},"content":{"rendered":"<p>I know full well that for 95% of those reading this post, its content will be of no use at all. For the remaining 5%, however, it has the potential to greatly simplify their working days (and many weekends). In other words, we have great news for cybersecurity professionals \u2013 Security Operations Center (SOC) teams, independent researchers and inquisitive techies: the tools that our <a href=\"https:\/\/eugene.kaspersky.com\/2011\/10\/28\/number-of-the-month-70k-per-day\/\" target=\"_blank\" rel=\"noopener\">woodpeckers<\/a> and GReAT team members use every day to carry out the <a href=\"https:\/\/securelist.com\/\" target=\"_blank\" rel=\"noopener\">world's best cyberthreat research<\/a> are now open to everyone and free of charge with the lite version of our <a href=\"https:\/\/opentip.kaspersky.com\" target=\"_blank\" rel=\"noopener nofollow\">Threat Intelligence Portal<\/a>. 
It is sometimes called TIP for short, and once I have said a few words about it, you will add it to your bookmarks right away!<\/p>\n<p>The Threat Intelligence Portal solves two main problems for today's hard-working cybersecurity professionals. The first: \u2018Which of these hundreds of suspicious files should I pick first?\u2019; the second: \u2018OK, my antivirus says the file is clean \u2013 what's next?\u2019<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-6573 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2019\/10\/25114112\/open-tip-screen1.png\" alt=\"A free version of the Kaspersky Threat Intelligence Portal\" width=\"939\" height=\"499\"><\/p>\n<p>Unlike \u201cclassic\u201d products that deliver a clear-cut Clean\/Dangerous verdict \u2013 <a href=\"https:\/\/kas.pr\/kdkesbtr\" target=\"_blank\" rel=\"noopener\">Endpoint Security<\/a> \u2013 the analytical tools built into the <a href=\"https:\/\/opentip.kaspersky.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Threat Intelligence Portal<\/a> give detailed information on how suspicious a file is and in which respects. And not just files. Hashes, IP addresses and URLs can be checked too. 
All of them are quickly analyzed by our <a href=\"https:\/\/eugene.kaspersky.com\/2016\/12\/07\/a-billion-in-the-cloud\/\" target=\"_blank\" rel=\"noopener\">cloud<\/a>, and the results for each are handed back on a silver platter: what is bad about it (if anything), how rare the infection is, which known threats it resembles even remotely, which tools were used to create it, and so on. On top of that, executable files are run in our <a href=\"https:\/\/eugene.kaspersky.com\/2019\/08\/26\/a-honeytrap-for-malware\/\" target=\"_blank\" rel=\"noopener\">patented<\/a> cloud sandbox, and the results are delivered within a few minutes.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-6574\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2019\/10\/25122425\/open-tip-screen2.png\" alt=\"\" width=\"974\" height=\"650\"><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-6575\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2019\/10\/25122524\/open-tip-screen3.png\" alt=\"\" width=\"924\" height=\"737\"><\/p>\n<p>Right now I can hear the 5% screaming: \u201cThis is VirusTotal!\u201d<\/p>\n<p>Yes\u2026 and no.<\/p>\n<p>On the one hand, the goal is the same \u2013 to give experts additional tools for analyzing a specific incident and making an informed decision. 
On the other hand, our approach is completely different.<\/p>\n<p>VirusTotal was designed as a simple multiscanner \u2013 it gathers various antivirus engines and feeds them the files that users upload. That is why all vendors, ourselves included, get accused of \u201cyou do not detect file X\u201d; it is more accurate, however, to say that we do not detect X with a traditional file scanner. It then turns out that we can detect it successfully using other tools. But you will not see that on VirusTotal. Additional tools have appeared on VirusTotal, of course, but the overall focus remains broad coverage by engines that use a very old technology created more than 30 years ago.<\/p>\n<p>As experts in the in-depth analysis of complex threats, we are working to make that depth available to the whole expert community. The only engine analyzing artifacts in the Threat Intelligence Portal belongs to the company that bears my surname. And we are the <a href=\"https:\/\/www.kaspersky.com.tr\/top3\" target=\"_blank\" rel=\"noopener\">best company<\/a> in the world at this. 
It combines dozens of advanced analysis technologies (see <a href=\"https:\/\/eugene.kaspersky.com\/2019\/08\/26\/a-honeytrap-for-malware\/\" target=\"_blank\" rel=\"noopener\">here<\/a>, <a href=\"https:\/\/eugene.kaspersky.com\/2011\/09\/15\/features-youd-normally-never-hear-about\/\" target=\"_blank\" rel=\"noopener\">here<\/a>, <a href=\"https:\/\/eugene.kaspersky.com\/2012\/11\/15\/finding-the-needle-in-the-haystack-introducing-astraea\/\" target=\"_blank\" rel=\"noopener\">here<\/a> and <a href=\"https:\/\/eugene.kaspersky.com\/2019\/10\/16\/guess-which-company-made-the-top-100-global-innovators\/\" target=\"_blank\" rel=\"noopener\">here<\/a>) and then lets you browse the detailed results. Compared with our engine on VirusTotal, TIP naturally gives a very different level of detection.<\/p>\n<p>In addition, scanning files with VirusTotal as well can be useful \u2013 a second, third and fourth opinion is never a bad thing. But it is very important to know how to weigh those opinions properly, and the problem also has to be kept in mind. If we decide to extend the Threat Intelligence Portal with information from partnerships with other vendors, the due diligence will be much stricter.<\/p>\n<p>Another difference between the Threat Intelligence Portal and VirusTotal is\u2026 how shall I put it\u2026 the limited distribution of information. 
Files uploaded to VirusTotal are available to a wide variety of subscribers; with the Threat Intelligence Portal, no subscriber has access to other people's files.<\/p>\n<p>On the subject of subscriptions:<\/p>\n<p>The Threat Intelligence Portal has a much richer <a href=\"https:\/\/www.kaspersky.com.tr\/enterprise-security\/threat-intelligence\" target=\"_blank\" rel=\"noopener\">paid version<\/a> \u2013 partly because it gives access to detailed reports on detected cyberthreats written by our best analysts. And if an uploaded file turns out to resemble, say, a known piece of financial malware, the freshest and most detailed information on how the malicious developers attack victims, which tools they use, and so on 
is available in the full version of the service.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have made a free version of our Threat Intelligence Portal so that potential threats can be analyzed in detail.<\/p>\n","protected":false},"author":13,"featured_media":6572,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[2046,1935,551],"class_list":{"0":"post-6571","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-korumali-alan","10":"tag-tehdit-istihbarati","11":"tag-urunler-2"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/open-tip\/6571\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/open-tip\/16812\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/open-tip\/14201\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/open-tip\/18800\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/open-tip\/16845\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/open-tip\/15594\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/open-tip\/19509\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/open-tip\/18160\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/open-tip\/23890\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/open-tip\/29036\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/open-tip\/12460\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/open-tip\/12495\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/open-tip\/11359\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/open-tip\/21611\/"},{"hreflang":"ja","url":"htt
ps:\/\/blog.kaspersky.co.jp\/open-tip\/26031\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/open-tip\/24740\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/open-tip\/19266\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/open-tip\/23581\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/open-tip\/23428\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/tehdit-istihbarati\/","name":"tehdit istihbarat\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6571","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=6571"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6571\/revisions"}],"predecessor-version":[{"id":6707,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6571\/revisions\/6707"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/6572"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=6571"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=6571"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=6571"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}