Mr. Tamer el-Bahey - Leveraging open source intelligence v1.1

Post on 05-Aug-2015


Leveraging OSINT for Enhanced Detection Capabilities

TAMER EL BAHEY

Senior Director, Security Monitoring and Operations

Emirates Integrated Telecommunication Co. (du)

OSINT

Threat Evolution

Limited Visibility

Tight Budgets

The Cyber Kill Chain

1 Reconnaissance

The Cyber Kill Chain

1 Reconnaissance
2 Delivery

The Cyber Kill Chain

1 Reconnaissance
2 Delivery
3 Compromise

The Cyber Kill Chain

1 Reconnaissance
2 Delivery
3 Compromise
4 Command & Control

The Cyber Kill Chain

1 Reconnaissance
2 Delivery
3 Compromise
4 Command & Control
5 Lateral Movement

Security

Compliance

Behavior analysis

Processes understanding

Violations monitoring

Access

Confinement

The Cyber Kill Chain

1 Reconnaissance
2 Delivery
3 Compromise
4 Command & Control
5 Lateral Movement
6 Attack Directives

Reconnaissance

Attack Delivery

Compromise

C&C

Lateral movement

Attack directives

How did this help us?

24% of security alerts are associated with OSINT

How did this help us?

19% of security incidents are discovered due to information provided through OSINT

Challenges!

Accuracy

Timeliness

Automation

Continuation

Thank you