51 lines
1.6 KiB
Markdown
51 lines
1.6 KiB
Markdown
# Shift-Right Security
|
||
|
||
## Definition
|
||
"Shift right" highlights the need for ongoing security measures even after launching the application. Some security vulnerabilities may go unnoticed until customers start using the software. Monitoring and addressing these issues post-deployment is crucial.
|
||
|
||
## Core Principle
|
||
安全不仅是开发阶段的任务,生产环境部署后仍需持续进行安全监控和响应。
|
||
|
||
## Why Shift-Right?
|
||
|
||
### Limitations of Pre-Production Testing
|
||
- 测试环境无法完全模拟真实用户行为
|
||
- 某些漏洞仅在特定使用场景下暴露
|
||
- 第三方组件漏洞可能在运行时被发现
|
||
- 依赖库的零日漏洞需要实时响应
|
||
|
||
## Implementation
|
||
|
||
### Production Monitoring
|
||
- 安全信息和事件管理(SIEM)
|
||
- 运行时应用自我保护(RASP)
|
||
- 异常行为检测
|
||
- 日志安全分析
|
||
|
||
### Post-Deployment Practices
|
||
- 持续漏洞扫描
|
||
- 威胁情报整合
|
||
- 安全补丁管理
|
||
- 事件响应计划
|
||
|
||
### Feedback Loop
|
||
- 从生产环境收集安全数据
|
||
- 反馈给开发团队改进安全实践
|
||
- 更新威胁模型和安全测试用例
|
||
|
||
## Relationship with Shift-Left
|
||
- [[Shift-Left-Security]] ← complements → [[Shift-Right-Security]]
|
||
- 左移处理开发阶段的安全问题
|
||
- 右移处理生产环境特有的安全问题
|
||
- 两者结合形成完整的安全覆盖
|
||
|
||
## Related Concepts
|
||
- [[DevSecOps]] — 包含 Shift Right 策略的方法论
|
||
- [[RASP]] — 运行时应用自我保护
|
||
- [[SIEM]] — 安全信息和事件管理
|
||
- [[Vulnerability-Scanning]] — 持续漏洞扫描
|
||
- [[Incident-Response]] — 安全事件响应
|
||
|
||
## Sources
|
||
- [[what-is-devsecops-best-practices-benefits-and-tools]]
|