<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Resilience on Tarragon</title><link>https://tarrragon.github.io/blog/tags/resilience/</link><description>Recent content in Resilience on Tarragon</description><generator>Hugo -- gohugo.io</generator><language>zh-TW</language><copyright>Tarragon (CC BY 4.0)</copyright><lastBuildDate>Thu, 30 Apr 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://tarrragon.github.io/blog/tags/resilience/index.xml" rel="self" type="application/rss+xml"/><item><title>Recovery Readiness Pattern</title><link>https://tarrragon.github.io/blog/backend/07-security-data-protection/blue-team/materials/control-patterns/recovery-readiness-pattern/</link><pubDate>Thu, 30 Apr 2026 00:00:00 +0000</pubDate><guid>https://tarrragon.github.io/blog/backend/07-security-data-protection/blue-team/materials/control-patterns/recovery-readiness-pattern/</guid><description>&lt;p>The recovery readiness pattern is responsible for turning recovery capability into an asset that can be verified ahead of time. It gives a service a minimal skeleton of backup access, recovery sequencing and external-dependency communication for when ransomware, mass exploitation of edge devices or a critical vendor outage hits.&lt;/p>
&lt;h2 id="支撐素材">Supporting material&lt;/h2>
&lt;table>
 &lt;thead>
 &lt;tr>
 &lt;th>Material&lt;/th>
 &lt;th>Argument it supports&lt;/th>
 &lt;/tr>
 &lt;/thead>
 &lt;tbody>
 &lt;tr>
 &lt;td>&lt;a href="https://tarrragon.github.io/blog/backend/07-security-data-protection/blue-team/materials/field-cases/change-healthcare-2024-recovery-and-dependency-pressure/" data-link-title="Change Healthcare 2024:復原與外部依賴壓力" data-link-desc="把 Change Healthcare 事件轉成關鍵服務復原、外部依賴與通報協調壓力素材">Change Healthcare recovery case&lt;/a>&lt;/td>
 &lt;td>Core services need a recovery plan and downstream communication on a multi-week scale&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>&lt;a href="https://tarrragon.github.io/blog/backend/07-security-data-protection/blue-team/materials/field-cases/ivanti-connect-secure-2024-edge-mass-exploitation/" data-link-title="Ivanti Connect Secure 2024:邊界設備批量利用壓力" data-link-desc="把 Ivanti Connect Secure 零日鏈式利用轉成邊界設備、emergency directive 與 integrity check 壓力素材">Ivanti Connect Secure case&lt;/a>&lt;/td>
 &lt;td>An emergency directive requires a temporary disconnect, so a backup access path is needed&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>&lt;a href="https://tarrragon.github.io/blog/backend/07-security-data-protection/blue-team/materials/field-cases/citrix-bleed-2023-edge-session-pressure/" data-link-title="Citrix Bleed 2023：入口曝險與 Session 壓力" data-link-desc="把 Citrix Bleed 轉成入口曝險、session hijack 與修補後 hunting 的藍隊案例素材">Citrix Bleed edge case&lt;/a>&lt;/td>
 &lt;td>Even after patching, recovery still requires session cleanup and service verification&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>&lt;a href="https://tarrragon.github.io/blog/backend/07-security-data-protection/blue-team/materials/field-cases/moveit-2023-mft-exfiltration-pressure/" data-link-title="MOVEit 2023：MFT 外送與通報壓力" data-link-desc="把 MOVEit Transfer exploitation 轉成資料外送、影響範圍判讀與通報壓力的藍隊案例素材">MOVEit exfiltration case&lt;/a>&lt;/td>
 &lt;td>Data-system recovery must align with the notification and legal cadence&lt;/td>
 &lt;/tr>
 &lt;/tbody>
&lt;/table>
&lt;h2 id="欄位">欄位&lt;/h2>
&lt;table>
 &lt;thead>
 &lt;tr>
 &lt;th>Field&lt;/th>
 &lt;th>Responsibility&lt;/th>
 &lt;/tr>
 &lt;/thead>
 &lt;tbody>
 &lt;tr>
 &lt;td>Recovery objective&lt;/td>
 &lt;td>Defines RTO / RPO and the scope of services where degradation is accepted&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>Backup access path&lt;/td>
 &lt;td>Defines backup access and break-glass for when a critical entry point goes offline&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>Restore verification&lt;/td>
 &lt;td>Defines post-restore verification of functionality, data integrity and sessions&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>Dependency map&lt;/td>
 &lt;td>Lists downstream organizations, third-party vendors and notification recipients&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>Communication cadence&lt;/td>
 &lt;td>Defines the cadence of internal, customer and regulatory notifications&lt;/td>
 &lt;/tr>
 &lt;/tbody>
&lt;/table>
&lt;h2 id="判讀訊號">判讀訊號&lt;/h2>
&lt;table>
 &lt;thead>
 &lt;tr>
 &lt;th>Signal&lt;/th>
 &lt;th>Need it indicates&lt;/th>
 &lt;/tr>
 &lt;/thead>
 &lt;tbody>
 &lt;tr>
 &lt;td>Exercises stop at patch completion and skip restore verification&lt;/td>
 &lt;td>Needs restore verification&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>No backup entry point after an emergency disconnect&lt;/td>
 &lt;td>Needs a backup access path&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>Downstream organizations lack a point of contact during the incident&lt;/td>
 &lt;td>Needs a dependency map and communication cadence&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>Recovery timeline estimates are inaccurate&lt;/td>
 &lt;td>Recovery objective needs updating&lt;/td>
 &lt;/tr>
 &lt;/tbody>
&lt;/table>
&lt;h2 id="適用邊界">適用邊界&lt;/h2>
&lt;p>此模式適合關鍵交易服務、產業共用平台、邊界設備與資料系統。低風險內部工具可保留簡化版的 RTO 與通知欄位,但仍要記錄 dependency map。&lt;/p>
&lt;h2 id="下一步路由">下一步路由&lt;/h2>
&lt;ul>
&lt;li>&lt;a href="https://tarrragon.github.io/blog/backend/knowledge-cards/runbook/" data-link-title="Runbook" data-link-desc="說明 runbook 如何把事故判斷與操作步驟標準化">Runbook&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://tarrragon.github.io/blog/backend/07-security-data-protection/security-incident-write-back-to-product-and-architecture/" data-link-title="7.24 資安事故如何回寫產品與架構" data-link-desc="把事故教訓回寫到產品決策、架構控制與知識網，建立持續改進閉環">7.24 資安事故如何回寫產品與架構&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://tarrragon.github.io/blog/backend/07-security-data-protection/blue-team/materials/scenarios/edge-session-hijack-game-day/" data-link-title="Edge Session Hijack Game Day" data-link-desc="以入口設備 session disclosure 風險設計 edge exposure game day">Edge session hijack game day&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://tarrragon.github.io/blog/backend/07-security-data-protection/blue-team/materials/control-patterns/vulnerability-response-pattern/" data-link-title="Vulnerability Response Pattern" data-link-desc="定義漏洞回應如何從 observed 推進到 assessed、mitigated、patched、validated 與 closed">Vulnerability response pattern&lt;/a>&lt;/li>
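&lt;/ul></description><content:encoded><![CDATA[<p>The recovery readiness pattern is responsible for turning recovery capability into an asset that can be verified ahead of time. It gives a service a minimal skeleton of backup access, recovery sequencing and external-dependency communication for when ransomware, mass exploitation of edge devices or a critical vendor outage hits.</p>
<h2 id="支撐素材">Supporting material</h2>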
<table>
  <thead>
      <tr>
          <th>Material</th>
          <th>Argument it supports</th>
      </tr>
  </thead>
  <tbody>
      <tr>
          <td><a href="/blog/backend/07-security-data-protection/blue-team/materials/field-cases/change-healthcare-2024-recovery-and-dependency-pressure/" data-link-title="Change Healthcare 2024:復原與外部依賴壓力" data-link-desc="把 Change Healthcare 事件轉成關鍵服務復原、外部依賴與通報協調壓力素材">Change Healthcare recovery case</a></td>
          <td>Core services need a recovery plan and downstream communication on a multi-week scale</td>
      </tr>
      <tr>
          <td><a href="/blog/backend/07-security-data-protection/blue-team/materials/field-cases/ivanti-connect-secure-2024-edge-mass-exploitation/" data-link-title="Ivanti Connect Secure 2024:邊界設備批量利用壓力" data-link-desc="把 Ivanti Connect Secure 零日鏈式利用轉成邊界設備、emergency directive 與 integrity check 壓力素材">Ivanti Connect Secure case</a></td>
          <td>An emergency directive requires a temporary disconnect, so a backup access path is needed</td>
      </tr>
      <tr>
          <td><a href="/blog/backend/07-security-data-protection/blue-team/materials/field-cases/citrix-bleed-2023-edge-session-pressure/" data-link-title="Citrix Bleed 2023：入口曝險與 Session 壓力" data-link-desc="把 Citrix Bleed 轉成入口曝險、session hijack 與修補後 hunting 的藍隊案例素材">Citrix Bleed edge case</a></td>
          <td>Even after patching, recovery still requires session cleanup and service verification</td>
      </tr>
      <tr>
          <td><a href="/blog/backend/07-security-data-protection/blue-team/materials/field-cases/moveit-2023-mft-exfiltration-pressure/" data-link-title="MOVEit 2023：MFT 外送與通報壓力" data-link-desc="把 MOVEit Transfer exploitation 轉成資料外送、影響範圍判讀與通報壓力的藍隊案例素材">MOVEit exfiltration case</a></td>
          <td>Data-system recovery must align with the notification and legal cadence</td>
      </tr>
  </tbody>
</table>
<h2 id="欄位">Fields</h2>
<table>
  <thead>
      <tr>
          <th>Field</th>
          <th>Responsibility</th>
      </tr>
  </thead>
  <tbody>
      <tr>
          <td>Recovery objective</td>
          <td>Defines RTO / RPO and the scope of services where degradation is accepted</td>
      </tr>
      <tr>
          <td>Backup access path</td>
          <td>Defines backup access and break-glass for when a critical entry point goes offline</td>
      </tr>
      <tr>
          <td>Restore verification</td>
          <td>Defines post-restore verification of functionality, data integrity and sessions</td>
      </tr>
      <tr>
          <td>Dependency map</td>
          <td>Lists downstream organizations, third-party vendors and notification recipients</td>
      </tr>
      <tr>
          <td>Communication cadence</td>
          <td>Defines the cadence of internal, customer and regulatory notifications</td>
      </tr>
  </tbody>
</table>
<h2 id="判讀訊號">Diagnostic signals</h2>
<table>
  <thead>
      <tr>
          <th>Signal</th>
          <th>Need it indicates</th>
      </tr>
  </thead>
  <tbody>
      <tr>
          <td>Exercises stop at patch completion and skip restore verification</td>
          <td>Needs restore verification</td>
      </tr>
      <tr>
          <td>No backup entry point after an emergency disconnect</td>
          <td>Needs a backup access path</td>
      </tr>
      <tr>
          <td>Downstream organizations lack a point of contact during the incident</td>
          <td>Needs a dependency map and communication cadence</td>
      </tr>
      <tr>
          <td>Recovery timeline estimates are inaccurate</td>
          <td>Recovery objective needs updating</td>
      </tr>
  </tbody>
</table>
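<h2 id="適用邊界">Scope of applicability</h2>
<p>This pattern suits critical transaction services, industry-shared platforms, edge devices and data systems. Low-risk internal tools can keep a simplified version of the RTO and notification fields, but must still record a dependency map.</p>
<h2 id="下一步路由">Where to go next</h2>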
<ul>
<li><a href="/blog/backend/knowledge-cards/runbook/" data-link-title="Runbook" data-link-desc="說明 runbook 如何把事故判斷與操作步驟標準化">Runbook</a></li>
<li><a href="/blog/backend/07-security-data-protection/security-incident-write-back-to-product-and-architecture/" data-link-title="7.24 資安事故如何回寫產品與架構" data-link-desc="把事故教訓回寫到產品決策、架構控制與知識網，建立持續改進閉環">7.24 How security incidents are written back into product and architecture</a></li>
<li><a href="/blog/backend/07-security-data-protection/blue-team/materials/scenarios/edge-session-hijack-game-day/" data-link-title="Edge Session Hijack Game Day" data-link-desc="以入口設備 session disclosure 風險設計 edge exposure game day">Edge session hijack game day</a></li>
<li><a href="/blog/backend/07-security-data-protection/blue-team/materials/control-patterns/vulnerability-response-pattern/" data-link-title="Vulnerability Response Pattern" data-link-desc="定義漏洞回應如何從 observed 推進到 assessed、mitigated、patched、validated 與 closed">Vulnerability response pattern</a></li>
</ul>
]]></content:encoded></item></channel></rss>