Gemini Google Cloud APP Owner's Manual

Gemini is a powerful AI tool that can be used to assist Google Security Operations and Google Threat Intelligence users. This guide gives you the information you need to get started with Gemini and create effective prompts.

Creating prompts with Gemini

When creating a prompt, you will need to provide Gemini with the following information:

  1. The type of prompt you want to create, if applicable (for example, "Create a rule")
  2. The context for the prompt
  3. The desired output

Users can create a variety of prompts, including questions, commands, and summaries.

Best practices for creating prompts

When creating prompts, it is important to keep the following best practices in mind:

Use natural language: Write as if you are speaking a command, and express complete thoughts in full sentences.

Provide context: Include relevant details to help Gemini understand your request, such as time frames, specific log sources, or user information. The more context you provide, the more relevant and helpful the results will be.

Be specific and concise: Clearly state the information you are looking for or the task you want Gemini to perform. Describe the goal, the trigger, the action, and the condition(s).
For example, ask the assistant: "Is this (file name, and so on) known to be malicious?" and, if it is known to be, you can then ask "Search for this (file) in my environment."

Include clear objectives: Start with a clear objective and describe the triggers that should activate a response.

Use all modalities: Use the in-line search functionality, the chat assistant, and the playbook generator for your different needs.

Reference integrations (playbook creation only): Request and specify integrations that you have already installed and configured in your environment as they relate to the next steps in the playbook.

Iterate: If the initial responses are not satisfactory, refine your prompt, provide additional information, and ask follow-up questions to guide Gemini toward a better response.

Include conditions for action (playbook creation only): You can improve the effectiveness of a prompt when creating a playbook by requesting additional steps such as data enrichment.

Verify accuracy: Remember that Gemini is an AI tool, and its responses should always be validated against your own knowledge and other available sources.

Using prompts in Security Operations

Gemini can be used in a variety of ways in Security Operations, including in-line search, chat assistance, and playbook generation. After receiving AI-generated case summaries, Gemini can help practitioners with:

  1. Threat detection and investigation
  2. Security-related Q&A
  3. Playbook generation
  4. Threat intelligence summarization

Google Security Operations (SecOps) is enriched with frontline intelligence from Mandiant and crowdsourced intelligence from VirusTotal, which can help security teams:

Quickly access and analyze threat intelligence: Ask natural language questions about threat actors, malware families, vulnerabilities, and IOCs.

Accelerate threat hunting and detection: Generate UDM search queries and detection rules based on threat intelligence data.

Prioritize security risks: Understand which threats are most relevant to their organization and focus on what is most critical.

Respond effectively to security incidents: Enrich security alerts with threat intelligence context and get recommendations for remediation actions.

Improve security awareness: Create engaging training materials based on real-world threat intelligence.

Use cases for Security Operations

Threat detection and investigation

Generate queries, create rules, monitor events, investigate alerts, search for data (generate UDM queries).

Scenario: A threat analyst is investigating a new alert and wants to know whether there is evidence in the environment of a particular command used to infiltrate infrastructure by adding itself to the registry.

Sample prompt: Create a query to find any registry modification events on [hostname] over the past [time period].

Follow-up prompt: Generate a rule to help detect that behavior in the future.

Scenario: An analyst is told that an intern was doing suspicious "things" and wants to better understand what is happening.

Sample prompt: Show me network connection events for userid starting with tim.smith (case insensitive) for the past three days.

Follow-up prompt: Generate a YARA-L rule to detect this activity in the future.

Scenario: A security analyst receives an alert about suspicious activity on a user account.

Sample prompt: Show me blocked user login events with event code 4625 where src.hostname is not null.

Follow-up prompt: How many users are included in the result set?

Security-related Q&A

Scenario: A security analyst is starting a new role and notices that Gemini has summarized a case with recommended steps for investigation and response. They want to learn more about the malware identified in the case summary.

Sample prompt: What is [malware name]?

Follow-up prompt: How does [malware name] persist?

Scenario: A security analyst receives an alert about a potentially malicious file hash.

Sample prompt: Is this file hash [insert hash] known to be malicious?

Follow-up prompt: What other information is available about this file?

Scenario: An incident responder needs to identify the source of a malicious file.

Sample prompt: What is the file hash of the executable "[malware.exe]"?

Follow-up prompts:

  • Enrich with threat intelligence from VirusTotal for information about this file hash; is it known to be malicious?
  • Has this been seen in my environment?
  • What are the recommended containment and remediation actions for this malware?

Playbook generation

Take action and build playbooks.

Scenario: A security engineer wants to automate the process of responding to phishing emails.

Sample prompt: Create a playbook that triggers when an email is received from a known phishing sender. The playbook should quarantine the email and notify the security team.

Scenario: A member of the SOC team wants to automatically quarantine malicious files.

Sample prompt: Write a playbook for malware alerts. The playbook should take the file hash from the alert and enrich it with intelligence from VirusTotal. If the file hash is malicious, quarantine the file.

Scenario: A threat analyst wants to create a new playbook that can help respond to future alerts related to registry key changes.

Sample prompt: Build a playbook for registry key change alerts. I want the playbook to be enriched with all entity types, including VirusTotal and Mandiant frontline threat intelligence. If anything suspicious is identified, create case tags and then prioritize the case.

Threat intelligence summarization

Get information about threats and threat actors.

Scenario: A security operations manager wants to understand the attack patterns of a particular threat actor.

Sample prompt: What are the known tactics, techniques, and procedures (TTPs) used by APT29?

Follow-up prompt: Are there any curated detections in Google SecOps that can help identify activity related to these TTPs?

Scenario: A threat intelligence analyst learns about a new malware strain ("emotet") and shares a report from their research with the SOC team.

Sample prompt: What are the indicators of compromise (IOCs) associated with the emotet malware?

Follow-up prompts:

  • Generate a UDM search query to look for these IOCs in my organization's logs.
  • Create a detection rule that will alert me if any of these IOCs are observed in the future.

Scenario: A security analyst has identified hosts in their environment communicating with known command-and-control (C2) servers associated with a particular threat actor.

Sample prompt: Generate a query to show me all outbound network connections to IP addresses and domains associated with: [threat actor name].

By using Gemini effectively, security teams can enhance their ability to deal with threats and improve their overall security posture. These are just a few examples of how Gemini can be used to improve security operations.
As you become more familiar with the tool, you will find many other ways to use it to your advantage. More information can be found on the Google SecOps product documentation page.

Using prompts in Threat Intelligence

While Google Threat Intelligence can be used much like a traditional search engine with keywords alone, users can also get targeted results by crafting specific prompts.
Gemini prompts can be used in a variety of ways in Threat Intelligence, from researching broad trends to understanding specific threats and pieces of malware, including:

  1. Threat intelligence analysis
  2. Proactive threat hunting
  3. Threat actor profiling
  4. Vulnerability prioritization
  5. Enriching security alerts
  6. Leveraging MITRE ATT&CK

Use cases for Threat Intelligence

Threat intelligence analysis

Scenario: A threat intelligence analyst wants to learn more about a recently discovered malware family.

Sample prompt: What is known about the malware "Emotet"? What are its capabilities and how does it spread?

Related prompt: What are the indicators of compromise (IOCs) associated with the emotet malware?

Scenario: An analyst is investigating a new ransomware group and wants to quickly understand their tactics, techniques, and procedures (TTPs).

Sample prompt: Summarize the known TTPs of the ransomware group "LockBit 3.0." Include information about their initial access methods, lateral movement techniques, and preferred extortion tactics.

Related prompts:

  • What are the common indicators of compromise (IOCs) associated with LockBit 3.0?
  • Have there been any recent public reports or analyses of LockBit 3.0 attacks?

Proactive threat hunting

Scenario: A threat intelligence analyst wants to proactively search for signs of a specific malware family known to target their industry.

Sample prompt: What are the common indicators of compromise (IOCs) associated with the "Trickbot" malware?

Scenario: A security analyst wants to identify any hosts in their environment communicating with known command-and-control (C2) servers associated with a particular threat actor.

Sample prompt: What are the known C2 IP addresses and domains used by the threat actor [Name]?

Threat actor profiling

Scenario: A threat intelligence team is tracking the activities of a suspected APT group and wants to build a comprehensive profile.

Sample prompt: Generate a profile of the threat actor "APT29". Include their known aliases, suspected country of origin, motivations, typical targets, and preferred TTPs.

Related prompt: Show me a timeline of APT29's most notable attacks and campaigns.

Vulnerability prioritization

Scenario: A vulnerability management team wants to prioritize remediation efforts based on the threat landscape.

Sample prompt: Which Palo Alto Networks vulnerabilities are being actively exploited by threat actors in the wild?

Related prompt: Summarize the known exploitation of CVE-2024-3400 and CVE-2024-0012.

Scenario: A security team is overwhelmed with vulnerability scan results and wants to prioritize remediation efforts based on threat intelligence.

Sample prompt: Which of the following vulnerabilities have been mentioned in threat intelligence reports: [list of identified vulnerabilities]?

Related prompts:

  • Are there any known exploits available for the following vulnerabilities: [list of identified vulnerabilities]?
  • Which of the following vulnerabilities are most likely to be exploited by threat actors: [list of identified vulnerabilities]? Prioritize them based on their severity, exploitability, and relevance to our industry.

Enriching security alerts

Scenario: A security analyst receives an alert about an attempted login from an unknown IP address.

Sample prompt: What is known about the IP address [provide IP]?

Leveraging MITRE ATT&CK

Scenario: A security team wants to use the MITRE ATT&CK framework to understand how a threat actor might target their organization.

Sample prompt: Show me the MITRE ATT&CK techniques associated with the threat actor APT38.

Gemini is a powerful tool that can be used to enhance Security Operations and Threat Intelligence. By following the best practices outlined in this guide, you can create effective prompts that help you get the most out of Gemini.

Note: This guide provides suggestions for using Gemini in Google SecOps and Gemini in Threat Intelligence. It is not an exhaustive list of all possible use cases, and the specific capabilities of Gemini may vary depending on your product edition. You should consult the official documentation for the most up-to-date information.
