Understanding the Threats to

Intelligently Defend: OSINT

Leonard Kleinman

Chief Cyber Security Advisor, RSA

CREDIT: http://bmastech.com/society-services.html

https://www.gdatasoftware.com/blog/2018/09/31037-malware-figures-first-half-2018-danger-web

What is Open Source INTelligence (OSINT)?

“Any intelligence produced from publicly available

information that is collected, exploited, and disseminated in

a timely manner to an appropriate audience for the purpose

of addressing a specific intelligence requirement.” (U..S. Director of

National Intelligence and the U.S. Department of Defense (DoD)

“Minimise risk and prevent the realization of threats by

identifying, evaluating and assigning credibility to potential

cyberthreats.”

The OSINT Process

OSINT Tools

Spam Example

URLVOID Website Reputation Checker

Shodan Example

Shodan Example

Shodan Example

Social Engineering Example

CREDIT: Wikipedia CREDIT: Redteamsecure.com

Phases of the Penetration test / Red team

MotivationThe data and the Money.

Monetisation of Assets.

AwarenessHumans are the weakest

link. Mandatory staff training.

Poor rate of timely

breach discovery

Increase visibility to prevent,

investigate and remediate.

Exercise CareBe mindful of the information

you share online. No work

information at all.

Your adversaries

are using it

Fundamental mechanism

employed by the bad guys. Why aren’t you using it?

THANK YOU!