TY - GEN
T1 - Knowledge Management Applied in the Comparative Study of the IRETE Intrusion Methodology to Access to the Computer Systems
AU - Diaz-Piraquive, Flor Nancy
AU - Ortiz-Ruiz, Emanuel
AU - González-Aragón, Jansen Jair
AU - Avila-Bermeo, Harlinzo Hernan
AU - Parada-Jaimes, Wilmer David
N1 - Publisher Copyright:
© 2021, Springer Nature Switzerland AG.
PY - 2021
Y1 - 2021
N2 - The threats in cyberspace materialize big digital security threats for any organization. New computer incidents are permanently reported, visualizing the advanced technical skills of cybercriminals and the cybersecurity professionals’ response limitations. Most expensive digital security products are based on the treatment of known threats and are vulnerable to new threats known as zero-day attacks. Likewise, the human factor continues to be one of the main weaknesses when deploying IT security strategies and policies. In this way the tests or computer penetration tests are one of the most appropriate techniques to know and establish digital security mechanisms according to each organization. Therefore, the present work analyzes international standards to carry out computer vulnerability tests and proposes a methodology of ethical hacking under the postulates of gratuity and resources availability. Suggestions on the scalability of cybersecurity strategies are presented at the end of the document, considering that each organization is different and requires adaptability in the use of the available infrastructure to manage known and unknown digital risks. IRETE’s research is based on the management that must be carried out in the creation, distribution and appropriation of knowledge, through the methodology that guides the assurance of information through the PenTESTING phases. Likewise, it proposes a process that integrally integrates the collection of information from any operating system, indicating that IRETE generates information more simply and accurately from the inspection, track, examination, testing and exfiltration phases. IRETE presents a complete methodology to approach the knowledge management of a vulnerable system, which allows an in-depth review of the factors that affect the handling of information.
AB - The threats in cyberspace materialize big digital security threats for any organization. New computer incidents are permanently reported, visualizing the advanced technical skills of cybercriminals and the cybersecurity professionals’ response limitations. Most expensive digital security products are based on the treatment of known threats and are vulnerable to new threats known as zero-day attacks. Likewise, the human factor continues to be one of the main weaknesses when deploying IT security strategies and policies. In this way the tests or computer penetration tests are one of the most appropriate techniques to know and establish digital security mechanisms according to each organization. Therefore, the present work analyzes international standards to carry out computer vulnerability tests and proposes a methodology of ethical hacking under the postulates of gratuity and resources availability. Suggestions on the scalability of cybersecurity strategies are presented at the end of the document, considering that each organization is different and requires adaptability in the use of the available infrastructure to manage known and unknown digital risks. IRETE’s research is based on the management that must be carried out in the creation, distribution and appropriation of knowledge, through the methodology that guides the assurance of information through the PenTESTING phases. Likewise, it proposes a process that integrally integrates the collection of information from any operating system, indicating that IRETE generates information more simply and accurately from the inspection, track, examination, testing and exfiltration phases. IRETE presents a complete methodology to approach the knowledge management of a vulnerable system, which allows an in-depth review of the factors that affect the handling of information.
UR - http://www.scopus.com/inward/record.url?scp=85113529597&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85113529597&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-81635-3_29
DO - 10.1007/978-3-030-81635-3_29
M3 - Conference contribution
AN - SCOPUS:85113529597
SN - 9783030816346
T3 - Communications in Computer and Information Science
SP - 354
EP - 365
BT - Knowledge Management in Organizations - 15th International Conference, KMO 2021, Proceedings
A2 - Uden, Lorna
A2 - Ting, I-Hsien
A2 - Wang, Kai
PB - Springer Science and Business Media Deutschland GmbH
T2 - 15th International Conference on Knowledge Management in Organizations, KMO 2021
Y2 - 20 July 2021 through 22 July 2021
ER -