Merge branch 'release/1.11.0' into develop
72
CHANGELOG.md
|
@ -1,11 +1,12 @@
|
|||
# Changelog
|
||||
All notable changes to this project will be documented in this file.
|
||||
All notable changes to this project will be documented in this
|
||||
file.
|
||||
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
The format is based on [Keep a
|
||||
Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
|
||||
## [Unreleased]
|
||||
## [1.11.0] - 2021-08-XX
|
||||
### Added
|
||||
- PostgreSQL fingerprinter. #892
|
||||
- A runtime-configurable option to specify a data directory where runtime
|
||||
configuration and other artifacts can be stored. #994
|
||||
- Scripts to build an AppImage for Monkey Island. #1069, #1090, #1136, #1381
|
||||
|
@ -13,53 +14,58 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- A ransomware simulation payload. #1238
|
||||
- The capability for a user to specify their own SSL certificate. #1208
|
||||
- API endpoint for ransomware report. #1297
|
||||
- Add ransomware report. #1240
|
||||
- A ransomware report. #1240
|
||||
- A script to build a docker image locally. #1140
|
||||
|
||||
### Changed
|
||||
- server_config.json can be selected at runtime. #963
|
||||
- Logger configuration can be selected at runtime. #971
|
||||
- `mongo_key.bin` file location can be selected at runtime. #994
|
||||
- Monkey agents are stored in the configurable data_dir when monkey is "run
|
||||
from the island". #997
|
||||
- Reformated all code using black. #1070
|
||||
- Sorted all imports usind isort. #1081
|
||||
- Addressed all flake8 issues. #1071
|
||||
- Select server_config.json at runtime. #963
|
||||
- Select Logger configuration at runtime. #971
|
||||
- Select `mongo_key.bin` file location at runtime. #994
|
||||
- Store Monkey agents in the configurable data_dir when monkey is "run from the
|
||||
island". #997
|
||||
- Reformat all code using black. #1070
|
||||
- Sort all imports using isort. #1081
|
||||
- Address all flake8 issues. #1071
|
||||
- Use pipenv for python dependency management. #1091
|
||||
- Moved unit tests to a dedicated `tests/` directory to improve pytest
|
||||
collection time. #1102
|
||||
- Default BB test suite behavior: if `--run-performance-tests` flag is not
|
||||
specified, performance tests are skipped.
|
||||
- Zerologon exploiter writes runtime artifacts to a secure temporary directory
|
||||
- Move unit tests to a dedicated `tests/` directory to improve pytest collection
|
||||
time. #1102
|
||||
- Skip BB performance tests by default. Run them if `--run-performance-tests`
|
||||
flag is specified.
|
||||
- Write Zerologon exploiter's runtime artifacts to a secure temporary directory
|
||||
instead of $HOME. #1143
|
||||
- Authentication mechanism to use bcrypt on server side. #1139
|
||||
- `server_config.json` puts environment config options in a separate section
|
||||
named "environment". #1161
|
||||
- BlackBox tests can now register if they are ran on a fresh installation. #1180
|
||||
- Put environment config options in `server_config.json` into a separate
|
||||
section named "environment". #1161
|
||||
- Automatically register if BlackBox tests are run on a fresh installation.
|
||||
#1180
|
||||
- Limit the ports used for scanning in blackbox tests. #1368
|
||||
- Limit the propagation depth of most blackbox tests. #1400
|
||||
- Blackbox tests wait less time for monkeys to die. #1400
|
||||
- Improved the structure of unit tests by scoping fixtures only to relevant modules
|
||||
instead of having a one huge fixture file, improved and renamed the directory
|
||||
structure of unit tests and unit test infrastructure. #1178
|
||||
- MongoDb now gets launched by the Island via python. #1148
|
||||
- Create/check data directory on Island init. #1170
|
||||
- The formatting of some log messages to make them more readable. #1283
|
||||
- Some unit tests to run faster. #1125
|
||||
- Wait less time for monkeys to die when running BlackBox tests. #1400
|
||||
- Improve the structure of unit tests by scoping fixtures only to relevant
|
||||
modules instead of having a one huge fixture file. #1178
|
||||
- Improve and rename the directory structure of unit tests and unit test
|
||||
infrastructure. #1178
|
||||
- Launch MongoDB when the Island starts via python. #1148
|
||||
- Create/check data directory on Island initialization. #1170
|
||||
- Format some log messages to make them more readable. #1283
|
||||
- Improve runtime of some unit tests. #1125
|
||||
- Run curl OR wget (not both) when attempting to communicate as a new user on
|
||||
Linux. #1407
|
||||
|
||||
### Removed
|
||||
- Relevant dead code as reported by Vulture. #1149
|
||||
- Island logger config and --logger-config CLI option. #1151
|
||||
|
||||
### Fixed
|
||||
- Attempted to delete a directory when monkey config reset was called. #1054
|
||||
- Attempt to delete a directory when monkey config reset was called. #1054
|
||||
- An errant space in the windows commands to run monkey manually. #1153
|
||||
- gevent tracebacks in console output. #859
|
||||
- Gevent tracebacks in console output. #859
|
||||
- Crash and failure to run PBAs if max depth reached. #1374
|
||||
|
||||
### Security
|
||||
- Address minor issues discovered by Dlint. #1075
|
||||
- Generate random passwords when creating a new user (create user PBA, ms08_67 exploit). #1174
|
||||
- Hash passwords on server-side instead of client side. #1139
|
||||
- Generate random passwords when creating a new user (create user PBA, ms08_67
|
||||
exploit). #1174
|
||||
- Implemented configuration encryption/decryption. #1189, #1204
|
||||
- Create local custom PBA directory with secure permissions. #1270
|
||||
- Create encryption key file for MongoDB with secure permissions. #1232
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
title: "MITRE ATT&CK report"
|
||||
description: "Maps the Monkey's actions to the MITRE ATT&CK knowledge base"
|
||||
date: 2020-06-24T21:17:18+03:00
|
||||
weight: 3
|
||||
draft: false
|
||||
---
|
||||
|
||||
|
|
|
@ -0,0 +1,49 @@
|
|||
---
|
||||
title: "Ransomware report"
|
||||
date: 2021-08-05T13:23:10+03:00
|
||||
weight: 4
|
||||
draft: false
|
||||
description: "Provides information about ransomware simulation on your network"
|
||||
---
|
||||
|
||||
{{% notice info %}}
|
||||
Check out [the Infection Monkey's ransomware simulation documentation]({{< ref
|
||||
"/usage/scenarios/ransomware-simulation" >}}) and [the documentation for other
|
||||
available reports]({{< ref "/reports" >}}).
|
||||
{{% /notice %}}
|
||||
|
||||
The Infection Monkey can be configured to [simulate a ransomware
|
||||
attack](/usage/scenarios/ransomware-simulation) on your network. After running,
|
||||
it generates a **Ransomware Report** that provides you with insight into how
|
||||
ransomware might behave within your environment.
|
||||
|
||||
The report is split into three sections:
|
||||
|
||||
- [Breach](#breach)
|
||||
- [Lateral Movement](#lateral-movement)
|
||||
- [Attack](#attack)
|
||||
|
||||
## Breach
|
||||
|
||||
The breach section shows when and where the ransomware infection began.
|
||||
|
||||
![Breach](/images/usage/reports/ransomware_report_1_breach.png "Breach")
|
||||
|
||||
|
||||
## Lateral movement
|
||||
|
||||
The lateral movement section provides information about how the simulated
|
||||
ransomware was able to propagate through your network.
|
||||
|
||||
|
||||
![Lateral
|
||||
Movement](/images/usage/reports/ransomware_report_2_lateral_movement.png
|
||||
"Lateral Movement")
|
||||
|
||||
|
||||
## Attack
|
||||
|
||||
The attack section shows the details of what the simulated ransomware
|
||||
successfully encrypted, including a list of specific files.
|
||||
|
||||
![Attack](/images/usage/reports/ransomware_report_3_attack.png "Attack")
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
title: "Security report"
|
||||
date: 2020-06-24T21:16:10+03:00
|
||||
weight: 1
|
||||
draft: false
|
||||
description: "Provides actionable recommendations and insight into an attacker's view of your network"
|
||||
---
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
title: "Zero Trust report"
|
||||
date: 2020-06-24T21:16:18+03:00
|
||||
weight: 2
|
||||
draft: false
|
||||
description: "Generates a status report with detailed explanations of Zero Trust security gaps and prescriptive instructions on how to rectify them"
|
||||
---
|
||||
|
|
|
@ -29,7 +29,7 @@ The Infection Monkey Docker container works on Linux only. It is not compatible
|
|||
1. Load the Monkey Island Docker image:
|
||||
|
||||
```bash
|
||||
sudo docker load -i dk.monkeyisland.1.10.0.tar
|
||||
sudo docker load -i dk.monkeyisland.VERSION.tar
|
||||
```
|
||||
|
||||
### 2. Start MongoDB
|
||||
|
@ -58,7 +58,7 @@ been signed by a private certificate authority.
|
|||
sudo docker run \
|
||||
--name monkey-island \
|
||||
--network=host \
|
||||
guardicore/monkey-island:1.10.0
|
||||
guardicore/monkey-island:VERSION
|
||||
```
|
||||
|
||||
### 3b. Start Monkey Island with user-provided certificate
|
||||
|
@ -81,7 +81,7 @@ been signed by a private certificate authority.
|
|||
--network=host \
|
||||
--user "$(id -u ${USER}):$(id -g ${USER})" \
|
||||
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \
|
||||
guardicore/monkey-island:1.10.0 --setup-only
|
||||
guardicore/monkey-island:VERSION --setup-only
|
||||
```
|
||||
|
||||
1. Move your `.crt` and `.key` files to `./monkey_island_data`.
|
||||
|
@ -122,7 +122,7 @@ been signed by a private certificate authority.
|
|||
--network=host \
|
||||
--user "$(id -u ${USER}):$(id -g ${USER})" \
|
||||
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \
|
||||
guardicore/monkey-island:1.10.0
|
||||
guardicore/monkey-island:VERSION
|
||||
```
|
||||
|
||||
### 4. Accessing Monkey Island
|
||||
|
@ -152,7 +152,7 @@ to store data in the `monkey-mongo` container.
|
|||
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xee in position 0: invalid continuation byte
|
||||
```
|
||||
|
||||
Starting a new container from the `guardicore/monkey-island:1.10.0` image
|
||||
Starting a new container from the `guardicore/monkey-island:VERSION` image
|
||||
generates a new secret key for storing sensitive information in MongoDB. If you
|
||||
have an old database instance running (from a previous instance of Infection
|
||||
Monkey), the data stored in the `monkey-mongo` container has been encrypted
|
||||
|
|
|
@ -18,10 +18,10 @@ installed, but the ones that we've tested are:
|
|||
- Kali 2021.2
|
||||
- Parrot 4.11
|
||||
- Rocky 8
|
||||
- Suse Leap 15.3
|
||||
- Ubuntu 18.04
|
||||
- Ubuntu 20.04
|
||||
- Ubuntu 21.04
|
||||
- openSUSE Leap 15.3
|
||||
- Ubuntu Bionic 18.04
|
||||
- Ubuntu Focal 20.04
|
||||
- Ubuntu Hirsute 21.04
|
||||
|
||||
## Deployment
|
||||
|
||||
|
|
|
@ -1,75 +0,0 @@
|
|||
---
|
||||
title: "VMware"
|
||||
date: 2020-05-26T20:57:14+03:00
|
||||
draft: false
|
||||
pre: '<i class="fas fa-laptop-code"></i> '
|
||||
weight: 3
|
||||
tags: ["setup", "vmware"]
|
||||
---
|
||||
|
||||
## Deployment
|
||||
|
||||
1. Deploy the Infection Monkey OVA by choosing **Deploy OVF Template** and
|
||||
following the wizard instructions. *Note: make sure ports 5000 and 5001 on
|
||||
the machine are accessible for inbound TCP traffic.*
|
||||
1. Turn on the Infection Monkey VM.
|
||||
1. Log in to the machine with the following credentials:
|
||||
1. Username: **monkeyuser**
|
||||
1. Password: **Noon.Earth.Always**
|
||||
1. For security purposes, it's recommended that you change the machine
|
||||
passwords by running the following commands: `sudo passwd monkeyuser`, `sudo
|
||||
passwd root`.
|
||||
|
||||
## OVA network modes
|
||||
|
||||
You can use the OVA in one of two modes:
|
||||
|
||||
1. In a network with the DHCP configured — In this case, the Monkey Island will
|
||||
automatically query and receive an IP address from the network.
|
||||
1. With a static IP address — In this case, you should log in to the VM console
|
||||
with the username `monkeyuser` and the password `Noon.Earth.Always`. After logging
|
||||
in, edit the Netplan configuration by entering the following command in the
|
||||
prompt:
|
||||
|
||||
```sh
|
||||
sudo nano /etc/netplan/00-installer-config.yaml
|
||||
```
|
||||
|
||||
Make the following changes:
|
||||
|
||||
```diff
|
||||
# This is the network config written by 'subiquity'
|
||||
network:
|
||||
ethernets:
|
||||
ens160:
|
||||
- dhcp4: true
|
||||
+ dhcp4: false
|
||||
+ addresses: [XXX.XXX.XXX.XXX/24]
|
||||
+ gateway4: YYY.YYY.YYY.YYY
|
||||
+ nameservers:
|
||||
+ addresses: [1.1.1.1]
|
||||
version: 2
|
||||
```
|
||||
|
||||
Replace `XXX.XXX.XXX.XXX` with the desired IP addess of the VM. Replace
|
||||
`YYY.YYY.YYY.YYY` with the default gateway.
|
||||
|
||||
Save the changes then run the command:
|
||||
|
||||
```sh
|
||||
sudo netplan apply
|
||||
```
|
||||
|
||||
If this configuration does not suit your needs, see
|
||||
https://netplan.io/examples/ for more information about how to configure
|
||||
Netplan.
|
||||
|
||||
## Upgrading
|
||||
|
||||
Currently, there's no "upgrade-in-place" option when a new version is released.
|
||||
To get an updated version, download the updated OVA file.
|
||||
|
||||
If you'd like to keep your existing configuration, you can export it to a file
|
||||
using the *Export config* button and then import it to the new Monkey Island.
|
||||
|
||||
![Export configuration](../../images/setup/export-configuration.png "Export configuration")
|
|
@ -20,7 +20,7 @@ After running the installer, the following prompt should appear on the screen:
|
|||
1. Follow the steps to complete the installation.
|
||||
1. Run the Monkey Island by clicking on the desktop shortcut.
|
||||
|
||||
### Start Monkey Island with user-provided certificcate
|
||||
### Start Monkey Island with user-provided certificate
|
||||
|
||||
By default, Infection Monkey comes with a [self-signed SSL certificate](https://aboutssl.org/what-is-self-sign-certificate/). In
|
||||
enterprise or other security-sensitive environments, it is recommended that the
|
||||
|
|
|
@ -35,6 +35,19 @@ $ sha256sum monkey-linux-64
|
|||
|
||||
## Latest version checksums
|
||||
|
||||
| Filename | Type | Version | SHA256 |
|
||||
|------------------------------------------------------|-------------------|---------|--------------------------------------------------------------------|
|
||||
| monkey-windows-64.exe | Windows Agent | 1.11.0 | `12c55377381a8fc7d8ff731db52302ef2f8bb894d8712769e5a91a140ba22b0a` |
|
||||
| monkey-windows-32.exe | Windows Agent | 1.11.0 | `e006b26663f59b92bad8d49b034cd8101dd481f881e3c4839a9c1e64fd99e849` |
|
||||
| monkey-linux-64 | Linux Agent | 1.11.0 | `fb4c979ce6c29bb458be50a44cc6839650826b831da849da69a05dfefdc66462` |
|
||||
| monkey-linux-32 | Linux Agent | 1.11.0 | `88d6d717f99047ae6f8ff9527b41ff004217c99b1b027f112d062dd9e66d11ab` |
|
||||
| Infection_Monkey-1.11.0-x86_64.AppImage | Linux Package | 1.11.0 | `6312b6bff18c11c7db694f42cf5a41e894786c39e3e093b6b15abcbff80337f2` |
|
||||
| infection_monkey_docker_20210811_211212.tgz | Docker | 1.11.0 | `40f203387cadd153f97c6a21dfdddacd4d4eeea334a9300d862bfb4ba528e2e6` |
|
||||
| Monkey Island v1.11.0_3789.exe | Windows Installer | 1.11.0 | `20633c1993ea5f86b57b3a48d6875e8f72881f856f4713d747f07a559da05ccc` |
|
||||
|
||||
|
||||
## Older checksums
|
||||
|
||||
| Filename | Type | Version | SHA256 |
|
||||
|------------------------------------------------------|-------------------|---------|--------------------------------------------------------------------|
|
||||
| monkey-windows-64.exe | Windows Agent | 1.10.0 | `3b499a4cf1a67a33a91c73b05884e4d6749e990e444fa1d2a3281af4db833fa1` |
|
||||
|
@ -49,12 +62,6 @@ $ sha256sum monkey-linux-64
|
|||
| infection_monkey_docker_dockerzt_20210326_172035.tgz | Docker | 1.10.0 | `248640e9eaa18e4c27f67237f0594d9533732f372ba4674d5d1bea43ab498cf5` |
|
||||
| monkey-island-vmware.ova | OVA | 1.10.0 | `3472ad4ae557ddad7d7db8fbbfcfd33c4f2d95d870b18fa4cab49af6b562009c` |
|
||||
| monkey-island-vmwarezt.ova | OVA | 1.10.0 | `3472ad4ae557ddad7d7db8fbbfcfd33c4f2d95d870b18fa4cab49af6b562009c` |
|
||||
|
||||
|
||||
## Older checksums
|
||||
|
||||
| Filename | Type | Version | SHA256 |
|
||||
|------------------------------------------------------|-------------------|---------|--------------------------------------------------------------------|
|
||||
| monkey-windows-64.exe | Windows Agent | 1.9.0 | `24622cb8dbabb0cf4b25ecd3c13800c72ec5b59b76895b737ece509640d4c068` |
|
||||
| monkey-windows-32.exe | Windows Agent | 1.9.0 | `67f12171c3859a21fc8f54c5b2299790985453e9ac028bb80efc7328927be3d8` |
|
||||
| monkey-linux-64 | Linux Agent | 1.9.0 | `aec6b14dc2bea694eb01b517cca70477deeb695f39d40b1d9e5ce02a8075c956` |
|
||||
|
|
|
@ -74,10 +74,10 @@
|
|||
</a>
|
||||
</div>
|
||||
<div class="col-lg-3 col-sm-6 mb-3">
|
||||
<a href="usage/use-cases" class="px-4 py-5 bg-white shadow text-center d-block">
|
||||
<a href="usage/scenarios" class="px-4 py-5 bg-white shadow text-center d-block">
|
||||
<i class="fas fa-map-marked-alt d-block mb-4" style="font-size: x-large;"></i>
|
||||
<h4 class="mb-3 mt-0">Use Cases</h4>
|
||||
<p class="mb-0">Learn about use cases of the Infection Monkey.</p>
|
||||
<h4 class="mb-3 mt-0">Scenarios</h4>
|
||||
<p class="mb-0">Learn about scenarios of the Infection Monkey.</p>
|
||||
</a>
|
||||
</div>
|
||||
<div class="col-lg-3 col-sm-6 mb-3">
|
||||
|
|
After Width: | Height: | Size: 135 KiB |
After Width: | Height: | Size: 138 KiB |
After Width: | Height: | Size: 257 KiB |
Before Width: | Height: | Size: 310 KiB After Width: | Height: | Size: 278 KiB |
Before Width: | Height: | Size: 296 KiB After Width: | Height: | Size: 283 KiB |
Before Width: | Height: | Size: 136 KiB After Width: | Height: | Size: 140 KiB |
|
@ -1 +1 @@
|
|||
dev
|
||||
release
|
||||
|
|
|
@ -4,7 +4,7 @@ import argparse
|
|||
from pathlib import Path
|
||||
|
||||
MAJOR = "1"
|
||||
MINOR = "10"
|
||||
MINOR = "11"
|
||||
PATCH = "0"
|
||||
build_file_path = Path(__file__).parent.joinpath("BUILD")
|
||||
with open(build_file_path, "r") as build_file:
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
import logging
|
||||
import random
|
||||
import shutil
|
||||
import string
|
||||
import subprocess
|
||||
|
||||
|
@ -64,11 +65,13 @@ class CommunicateAsNewUser(PBA):
|
|||
'Invoke-WebRequest {url} -UseBasicParsing"'
|
||||
)
|
||||
else:
|
||||
# true || false -> 0. false || true -> 0. false || false -> 1. So:
|
||||
# if curl works, we're good.
|
||||
# If curl doesn't exist or fails and wget work, we're good.
|
||||
# And if both don't exist: we'll call it a win.
|
||||
format_string = "curl {url} || wget -O/dev/null -q {url}"
|
||||
if shutil.which("curl") is not None:
|
||||
format_string = "curl {url}"
|
||||
else:
|
||||
format_string = "wget -O/dev/null -q {url}"
|
||||
return format_string.format(url=url)
|
||||
|
||||
def send_result_telemetry(self, exit_status, commandline, username):
|
||||
|
|
|
@ -2,7 +2,7 @@ import os
|
|||
|
||||
from infection_monkey.control import ControlClient
|
||||
|
||||
TEMP_COMSPEC = os.path.join(os.getcwd(), "random_executable.exe")
|
||||
TEMP_COMSPEC = os.path.join(os.getcwd(), "T1216_random_executable.exe")
|
||||
|
||||
|
||||
def get_windows_commands_to_proxy_execution_using_signed_script():
|
||||
|
|
|
@ -16,5 +16,5 @@ class T1216PBAFileDownload(flask_restful.Resource):
|
|||
executable_file_name = "T1216_random_executable.exe"
|
||||
return send_from_directory(
|
||||
directory=os.path.join(MONKEY_ISLAND_ABS_PATH, "cc", "resources", "pba"),
|
||||
filename=executable_file_name,
|
||||
path=executable_file_name,
|
||||
)
|
||||
|
|
|
@ -18,7 +18,7 @@ def setup_data_dir(island_args: IslandCmdArgs) -> Tuple[IslandConfigOptions, str
|
|||
def _setup_config_by_cmd_arg(server_config_path) -> Tuple[IslandConfigOptions, str]:
|
||||
server_config_path = expand_path(server_config_path)
|
||||
config = server_config_handler.load_server_config_from_file(server_config_path)
|
||||
create_secure_directory(config.data_dir)
|
||||
create_secure_directory(str(config.data_dir))
|
||||
return config, server_config_path
|
||||
|
||||
|
||||
|
@ -26,7 +26,7 @@ def _setup_default_config() -> Tuple[IslandConfigOptions, str]:
|
|||
default_config = server_config_handler.load_server_config_from_file(DEFAULT_SERVER_CONFIG_PATH)
|
||||
default_data_dir = default_config.data_dir
|
||||
|
||||
create_secure_directory(default_data_dir)
|
||||
create_secure_directory(str(default_data_dir))
|
||||
|
||||
server_config_path = server_config_handler.create_default_server_config_file(default_data_dir)
|
||||
config = server_config_handler.load_server_config_from_file(server_config_path)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "infection-monkey",
|
||||
"version": "1.10.0",
|
||||
"version": "1.11.0",
|
||||
"lockfileVersion": 1,
|
||||
"requires": true,
|
||||
"dependencies": {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"private": true,
|
||||
"version": "1.10.0",
|
||||
"version": "1.11.0",
|
||||
"name": "infection-monkey",
|
||||
"description": "Infection Monkey C&C UI",
|
||||
"scripts": {
|
||||
|
|
|
@ -10,7 +10,7 @@ const LATERAL_MOVEMENT_DESCRIPTION = 'After the initial breach, the attacker wil
|
|||
<br /> \
|
||||
<br /> \
|
||||
<a \
|
||||
href="https://www.guardicore.com/blog/stopping-ransomware-with-segmentation/" \
|
||||
href="https://www.guardicore.com/blog/stopping-ransomware-with-segmentation/?utm_medium=monkey-request&utm_source=web-report&utm_campaign=monkey-security-report" \
|
||||
target="_blank" \
|
||||
> \
|
||||
See some real-world examples on Guardicore\'s blog. \
|
||||
|
|