Understanding the Threats to Intelligently Defend: OSINT
Leonard Kleinman
Chief Cyber Security Advisor, RSA
CREDIT: http://bmastech.com/society-services.html
https://www.gdatasoftware.com/blog/2018/09/31037-malware-figures-first-half-2018-danger-web
What is Open Source INTelligence (OSINT)?
“Any intelligence produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.” (U.S. Director of National Intelligence and the U.S. Department of Defense (DoD))
“Minimise risk and prevent the realization of threats by identifying, evaluating and assigning credibility to potential cyberthreats.”
The OSINT Process
OSINT Tools
Spam Example
URLVOID Website Reputation Checker
Shodan Example
Social Engineering Example
CREDIT: Wikipedia CREDIT: Redteamsecure.com
Phases of the Penetration test / Red team
Motivation
The data and the Money. Monetisation of Assets.
Awareness
Humans are the weakest link. Mandatory staff training.
Poor rate of timely breach discovery
Increase visibility to prevent, investigate and remediate.
Exercise Care
Be mindful of the information you share online. No work information at all.
Your adversaries are using it
Fundamental mechanism employed by the bad guys. Why aren’t you using it?
THANK YOU!