{
  "id": 1830,
  "date": "2025-11-14T15:33:58",
  "date_gmt": "2025-11-14T12:33:58",
  "guid": {"rendered": "https:\/\/www.dchost.com\/blog\/siber-guvenlik-tehditlerinde-artis-abarti-mi-neden-bu-kadar-artti-ve-ne-yapabiliriz\/"},
  "modified": "2025-11-14T15:33:58",
  "modified_gmt": "2025-11-14T12:33:58",
  "slug": "siber-guvenlik-tehditlerinde-artis-abarti-mi-neden-bu-kadar-artti-ve-ne-yapabiliriz",
  "status": "publish",
  "type": "post",
  "link": "https:\/\/www.dchost.com\/blog\/siber-guvenlik-tehditlerinde-artis-abarti-mi-neden-bu-kadar-artti-ve-ne-yapabiliriz\/",
  "title": {"rendered": "Is the Rise in Cyber Security Threats Exaggerated? Why Has It Grown So Much, and What Can We Do?"},
  "content": {"rendered": "<div class=\"dchost-blog-content-wrapper\">\n<h2 id=\"section-1\"><span id=\"Bir_Bildirim_Bir_Ic_Cekis_ve_Aklima_Dusen_Soru\">A Notification, a Sigh and the Question It Left Me With<\/span><\/h2>\n<p>Late one afternoon, just as I was refreshing my coffee, a notification landed on my phone: \u201cYour parcel could not be delivered, click this link.\u201d You know that moment of absent-mindedness; my finger hovered over the link, then I stopped. I looked at the sender's address: the domain was unfamiliar. That is when I realised that attacks are no longer crude the way they used to be; they have worked their way <strong>right into<\/strong> daily life. They talk like a bank, behave like a courier, and even write sentences as natural as a teammate's. Has it ever happened to you? That small hesitation, the moment you think \u201cWhat if it is real?\u201d, is exactly where they catch most people.<\/p>\n<p>Today I want to talk about the reasons behind this surge, the wave we call the <strong>rise in cyber security threats<\/strong>. My aim is not simply to scare you. Quite the opposite: what has changed, what are attackers doing better, and what can we, quite simply, do better? From encrypting e-mail in transit to the small details of cookie settings; from locking backups ahead of time against ransomware to making peace with passwords. I will go through each one with everyday examples, without drowning you in heavy technical jargon. If you are ready, let's put together a small but effective guide, so that your hand is steadier at the next \u201csuspicious, but it could be real\u201d moment.<\/p>\n<h2 id=\"section-2\"><span id=\"Neden_Tehditler_Artiyor_Cevap_Basit_Yuzey_Buyudu\">Why Are Threats Increasing? The Simple Answer: The Surface Grew<\/span><\/h2>\n<p>If an office had a single door, the security guard's job would be easy. Once the doors multiplied and the windows were opened too, the load grew. The same happened in technology. Along with working from home came cloud services, microservices, SaaS accounts, mobile apps, connections from personal devices\u2026 Each one is a new door. The more doors there are, the easier it becomes to slip in somewhere. On top of that, attackers now watch patiently and wait for the right moment.<\/p>\n<p>Add this as well: to make our work easier we set up automations, built integrations, scattered API keys here and there, and chained workflows together. <strong>Convenience has a price<\/strong>; we also have to learn to protect the places nobody looks at. Think of it this way: at home you leave the key under the doormat so the family can get in easily. But under the doormat is also the first place everyone thinks of. The \u201cunder the doormat\u201d spots in our systems are API keys, default settings and postponed updates. Those are exactly the little shortcuts attackers love most.<\/p>\n<h2 id=\"section-3\"><span id=\"E-posta_Kapisi_Kimlige_Burunmus_Mesajlar_ve_Kucuk_Isaretler\">The E-mail Door: Impersonated Messages and Small Signs<\/span><\/h2>\n<p>Phishing messages are now surprisingly refined. The sender name looks like the real person's, the signature block is carefully done, and if you reply, you even get an answer. The lifesavers at this point are small habits. First look at the sender's <strong>full address<\/strong>, not just the display name. If the domain looks odd, if a zero has been used in place of the letter \u201co\u201d, if accents have been tampered with, keep a margin of doubt. Hovering over a link to see where it really goes, and hitting the brakes when you see attachment extensions like rar, exe or js, prevents one click too many.<\/p>\n<h3><span id=\"Gonderen_adi_degil_adresi_konusur\">It is the address that speaks, not the sender name<\/span><\/h3>\n<p>There is also the matter of the route: making it harder for e-mail traffic to be eavesdropped on in transit. On the sending side we can talk about settings such as DMARC, SPF and DKIM, but the receiving and transport sides matter too. For example, <a href=\"https:\/\/www.dchost.com\/blog\/mta-sts-tls-rpt-ve-dane-tlsa-ile-smtp-guvenligi-teslim-edilebilirligi-ve-sifrelemeyi-nasil-guclendirirsin\/\">encrypting and hardening SMTP traffic with MTA-STS, TLS-RPT and DANE\/TLSA<\/a> is like turning the mail's journey into an armoured vehicle. If the road to your inbox is secure, there is less opportunity for tampering along the way.<\/p>\n<h3><span id=\"E-postayi_yolda_sifrelemek_icerigi_ayiklamak\">Encrypting e-mail in transit, filtering its content<\/span><\/h3>\n<p>Security is not only about building walls; it is about making the flow understandable. Filtering malicious attachments, opening suspicious links in a \u201csandbox\u201d, cleaning URLs before they are clicked\u2026 These may sound like big-company measures, but with cloud-based e-mail security services small teams can apply them too. What matters is not a one-off effort but small steps <strong>that become a habit<\/strong>. Explaining this culture to every new team member is half the job.<\/p>\n<h2 id=\"section-4\"><span id=\"Web_Uygulamasi_Guvenligi_Kucuk_Guncellemeler_Buyuk_Farklar\">Web Application Security: Small Updates, Big Differences<\/span><\/h2>\n<p>On the web, some attacks do not force the door; they look inside when we forget to close it. Application updates, plugin patches, framework versions\u2026 I know, the calendar is tight and work is busy. But putting this off is like taking your eyes off the road at a traffic light. A moment's lapse leaves a lot of damage. I will admit I have often said \u201cthis patch can wait until tomorrow\u201d; afterwards I leave myself a note: \u201cThink twice before the next postponement.\u201d<\/p>\n<h3><span id=\"Sertifikayi_ertelemeyen_kazanir\">Whoever does not put off the certificate wins<\/span><\/h3>\n<p>Then there is the certificate business. Sometimes it is renewal, sometimes the choice of algorithm\u2026 When a certificate expires, the site shouts \u201cnot trusted\u201d, the user is left with a bad experience, and on top of that someone is always watching for an opening. To break the habit of postponing, a simple scheduling, automation and alerting setup, along the lines of <a href=\"https:\/\/www.dchost.com\/blog\/ssl-sertifika-guvenlik-guncellemeleri-neden-hep-son-dakikaya-kaliyor-ne-zaman-nasil-guncellemeli\/\">the tactic of not leaving SSL certificate renewals to the last minute<\/a>, works very well. A small reminder prevents a big outage.<\/p>\n<h3><span id=\"Cerezlerin_davranisi_dusundugunuzden_onemli\">Cookie behaviour matters more than you think<\/span><\/h3>\n<p>Session cookie settings also fall into the \u201csmall but critical\u201d category. While we weigh up \u201cSameSite=Lax or Strict?\u201d, what we are really doing is making it harder for an attacker to steal cookies. Setting the \u201cSecure\u201d and \u201cHttpOnly\u201d flags correctly is the icing on top. Do not let the topic intimidate you; taken step by step it comes together easily. For those who are curious, <a href=\"https:\/\/www.dchost.com\/blog\/samesitelax-mi-strict-mi-secure-ve-httponly-ile-nginx-apachede-cerezleri-tertemiz-nasil-kurarsin\/\">setting cookies up cleanly with SameSite, Secure and HttpOnly<\/a> lines up very well with current browser behaviour.<\/p>\n<p>On the application side, small touches such as simplifying entry points, closing unnecessary endpoints and moving the admin panel away from the classic addresses are effective too. Think of it this way: you have added a second door to the house, but you do not want anyone to know about it. You put a camera on that door, get notified when it detects motion, and keep the key somewhere separate. Applications are the same; a few well-protected entrances make life easier.<\/p>\n<h2 id=\"section-5\"><span id=\"Fidye_Yazilimlari_ve_Yedekler_8220Keske8221_Dememek_Icin\">Ransomware and Backups: So You Never Have to Say &#8220;If Only&#8221;<\/span><\/h2>\n<p>Ransomware is a pure \u201clock the game, sell the key\u201d tactic. Once it gets in, it can spread from file extensions to the server and on to shared drives. The most frightening part is this: if it can touch the backups, it makes recovery harder too. That is why a backup is meaningful not merely by existing but by <strong>being unalterable<\/strong>. There are solutions that make this logic, described as \u201cwrite once, read many\u201d, practical in the cloud. For example, <a href=\"https:\/\/www.dchost.com\/blog\/s3-object-lock-ile-fidye-yazilima-karsi-kale-gibi-yedek-versioning-mfa-delete-ve-geri-donus-testlerini-samimi-samimi-konusalim\/\">a locked backup strategy against ransomware with S3 Object Lock<\/a> does exactly this: while the file is locked, even if a malicious actor deletes it, you can roll back to a version.<\/p>\n<p>For backups to be useful they need testing. Saying \u201cI have a backup\u201d is not enough; you also need to add \u201cI can restore from the backup\u201d to the sentence. So run a small drill once a month. Even a rehearsal as simple as deleting a folder and bringing it back from the backup saves seconds in a real incident. In addition, protecting critical access with multi-factor authentication, tying administrator accounts to two-person approval and issuing short-lived access keys reduce your risk visibly.<\/p>\n<h2 id=\"section-6\"><span id=\"Gorunmeyen_Katmanlar_Altyapi_Loglar_ve_Kucuk_Alarmciklar\">The Invisible Layers: Infrastructure, Logs and Little Alarms<\/span><\/h2>\n<p>In infrastructure, most problems announce themselves through small delays. Error messages in the logs increase, wait times stretch, 404s pile up. These little blockages are sometimes natural and sometimes the footprint of an attack. Once you know what \u201cnormal\u201d looks like, \u201cabnormal\u201d gives itself away. So make a habit of collecting logs, defining a few basic alert rules, and routing notifications to a mobile phone or the team chat. Too many alarms are tiring too, so picking the most critical thresholds is enough: a few well-chosen items such as login attempts, failed administrator logins and unexpected country\/ASN access will do the job.<\/p>\n<p>Reviewing now and then which of your application's and servers' ports are open to the outside world, closing the unnecessary ones, restricting management panels by IP and enforcing key-based login are the simple measures that help most at this layer. One small note as well: an update routine is a must for devices that connect from outside the company. The updates and browser extensions on the computer used at home directly affect your company's security.<\/p>\n<h2 id=\"section-7\"><span id=\"Parola_ve_Kimlik_Uzat_Basitlestir_Hatirlat\">Passwords and Identity: Lengthen, Simplify, Remind<\/span><\/h2>\n<p>For years the password topic was taught in terms of \u201ccomplexity\u201d; in the end everyone wrote unmemorable symbols in a notebook and then lived by copy-and-paste. The practical route is a little different: using long <strong>passphrases<\/strong>, and generating unique passwords everywhere rather than in one place, is more instructive. With a password manager this stops being a chore. Two-step verification is a separate layer of armour too. Even if one application is breached, there is another barrier waiting for you at the second step.<\/p>\n<p>To strengthen password hygiene, it helps to check whether your e-mail address appears in leaked data. <a href=\"https:\/\/haveibeenpwned.com\/\" rel=\"nofollow noopener\" target=\"_blank\">Checking whether your e-mail address has been breached<\/a> is a quick check; if there is a hit, change the password on that service immediately, and if you use it elsewhere, clean those up too. If you are wondering which weaknesses are common and where to pay attention, <a href=\"https:\/\/owasp.org\/www-project-top-ten\/\" rel=\"nofollow noopener\" target=\"_blank\">having a look at the OWASP Top 10 list<\/a> is a good guide even in everyday language.<\/p>\n<p>Passphrases that are long, memorable and personally meaningful yet hard to guess make your daily routine easier. In addition, for multi-factor authentication, app-based code generators or hardware keys can be preferred over SMS; SMS still works, but apps and keys cause fewer hiccups. If you like guidelines, <a href=\"https:\/\/pages.nist.gov\/800-63-3\/sp800-63b.html\" rel=\"nofollow noopener\" target=\"_blank\">a look at NIST's digital identity guidelines<\/a> clears the mind; taking in just the \u201clogic\u201d, not the technical details, already goes a long way in daily practice.<\/p>\n<h2 id=\"section-8\"><span id=\"Uygulama_Katmaninda_Kucuk_Dokunuslar_Kod_Dagitim_ve_Gozunuzun_Ucu\">Small Touches at the Application Layer: Code, Deployment and the Corner of Your Eye<\/span><\/h2>\n<p>On the code side, security is not one big wall but a set of small fences that complement one another. Making input validation the \u201cfirst line\u201d, constraining parameters to the expected format, keeping content type and size tight on file uploads\u2026 Each is small, but together they build cumulative strength. If you mask sensitive data when logging and show error messages in production that do not leak details, you give away no clues from inside. Think of it this way: an attacker takes steps by feel; the fewer traces they see, the sooner they tire.<\/p>\n<p>On the deployment side, make it your daily practice to manage secrets outside the repository, to keep environment variables short-lived even when they are needed, and to limit permissions by the principle of least privilege. Automated dependency scans and a regular update schedule put the question \u201cDoes this version have a known vulnerability?\u201d in front of you as if pencilled in the margin. If you place checkpoints in your automation that say \u201cstop, take a look\u201d, you catch human error before it turns into a big mistake.<\/p>\n<h2 id=\"section-9\"><span id=\"Erisim_Paylasimi_ve_Insan_Faktoru_Kultur_Ufak_Ritueller_ve_Durustluk\">Sharing Access and the Human Factor: Culture, Small Rituals and Honesty<\/span><\/h2>\n<p>The easiest door for an attack is, once again, people. We all take small shortcuts with good intentions: shared passwords, shared accounts, temporary users created with the excuse \u201cI'll just log in and take a quick look\u201d\u2026 Eliminating these entirely is hard, but making them visible is possible. Create a \u201csecurity ritual\u201d in the team. For example, in the first week of every month review the accounts in use, rotate shared passwords, and close the access of people who have left. Even opening a security corner in the team chat and sharing a single suspicious event makes a difference.<\/p>\n<p>If you have opened a suspicious file or clicked the wrong link, do not hide it in a panic. The sooner you share it, the smaller the incident that has to be weathered. Sometimes the attack does not grow, sometimes it does; but early warning wins in every scenario. Remember, security is not the art of \u201cfinding the culprit\u201d but of <strong>limiting the damage<\/strong>. Solution-focused rather than accusatory language reduces the repetition of mistakes.<\/p>\n<h2 id=\"section-10\"><span id=\"Kucuk_Bir_Kontrol_Listesi_Yerine_Gunluk_Aliskanliklar\">Daily Habits Instead of a Little Checklist<\/span><\/h2>\n<p>Checklists are nice, but they end up buried in a notebook. I prefer small habits that blend into the daily flow. Taking a breath and looking at the URL before clicking an incoming link, asking \u201cdo I really need this?\u201d before installing a plugin, never feeling at ease logging into the admin panel without looking at the 2FA code. Just like fastening a seat belt: once you are used to it, you do it without thinking. After a while, secure behaviour becomes a reflex rather than an act of will.<\/p>\n<p>On the application side, define the \u201cred line\u201d areas: payment pages, administrator forms, file upload endpoints, the places where API keys are stored. Extra attention, extra logging, double alerts in these zones. Other areas can be more relaxed; what matters is concentrating resources in the right place. Where do attackers go? Wherever it is easy. If you make the easiest spot hard, most attempts run out of steam right there.<\/p>\n<h2 id=\"section-11\"><span id=\"Toparlayalim_Bugun_Atilacak_Uc_Adim\">Let's Wrap Up: Three Steps to Take Today<\/span><\/h2>\n<p>Long lists can sometimes be intimidating, so I want to keep the closing simple. First, on the e-mail side, strengthen transport security and inbox filters; use an external service if needed, or start with tiny settings if that is what it takes. Second, go over the critical points in your web application right away: cookie flags, certificate renewals, open ports, admin access. Third, add a layer of \u201cimmutability\u201d to your backups and rehearse a restore once a month. Small steps prevent big stress.<\/p>\n<p>One more suggestion before you go: for reviewing known vulnerabilities in your applications, the <a href=\"https:\/\/owasp.org\/www-project-top-ten\/\" rel=\"nofollow noopener\" target=\"_blank\">OWASP Top 10 list<\/a> gives you a practical framework; <a href=\"https:\/\/haveibeenpwned.com\/\" rel=\"nofollow noopener\" target=\"_blank\">quickly checking<\/a> whether your e-mail account has appeared in earlier breaches is a good start too. To avoid neglecting certificates, setting up a simple reminder system and building <a href=\"https:\/\/www.dchost.com\/blog\/ssl-sertifika-guvenlik-guncellemeleri-neden-hep-son-dakikaya-kaliyor-ne-zaman-nasil-guncellemeli\/\">an SSL renewal routine that \u201cends the last-minute panic\u201d<\/a> consigns those infamous red screens to history.<\/p>\n<p>I hope this conversation has made the mechanism behind the wave we call the <strong>rise in cyber security threats<\/strong> a little more visible. Instead of fear, I wanted to end with a plan that leads to action. As you close this post, pick one thing and do it right away: an MTA-STS plan for e-mail, fixing cookie flags, or adding a lock to your backups. Whichever it is, the step taken today shrinks tomorrow's panic. Until the next post; stay safe, calm and in control.<\/p>\n<\/div>", "protected": false},
  "author": 1,
  "featured_media": 1831,
  "comment_status": "",
  "ping_status": "",
  "sticky": false,
  "template": "",
  "format": "standard",
  "meta": {"footnotes": ""},
  "categories": [33, 30, 26],
  "tags": [],
  "class_list": ["post-1830", "post", "type-post", "status-publish", "format-standard", "has-post-thumbnail", "hentry", "category-nasil-yapilir", "category-nedir", "category-teknoloji"],
  "_links": {
    "self": [{"href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/1830", "targetHints": {"allow": ["GET"]}}],
    "collection": [{"href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],
    "about": [{"href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],
    "author": [{"embeddable": true, "href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],
    "replies": [{"embeddable": true, "href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=1830"}],
    "version-history": [{"count": 0, "href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/1830\/revisions"}],
    "wp:featuredmedia": [{"embeddable": true, "href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/1831"}],
    "wp:attachment": [{"href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=1830"}],
    "wp:term": [{"taxonomy": "category", "embeddable": true, "href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=1830"}, {"taxonomy": "post_tag", "embeddable": true, "href": "https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=1830"}],
    "curies": [{"name": "wp", "href": "https:\/\/api.w.org\/{rel}", "templated": true}]
  }
}