This masterclass with Vincent Cook, Founder and CEO of CYB3R OPERATIONS, introduces Open Source Intelligence (OSINT) and will cover the main definition and concepts related to OSINT, as well as practical, hands-on skills required to locate and analyse information.
OSINT is any way of collecting and analysing information that is freely available online to produce actionable intelligence.
Threat intelligence interlinks with OSINT. OSINT was viewed as luxury, however it can be used as part of Threat intelligence. An analogy is you know what’s within the castle walls i.e. your secure data, but you need to find out what’s outside the castle walls. This helps to understand the threats as they increase.
Need to consider ‘What, So what, Now what’:
What – are we actually looking for online? Eg social media profile, leaked documents, dark web content etc.
So what – why is this actually relevant?
Now what – what are the intelligence remediable action points.
Automated intelligence tools help to speed up investigations, and create situational awareness (what’s outside the castle walls), however, need to note that bad data in = bad data out i.e. results that are not relevant to research.
Use and search multiple search engines, not just Google.
No threat intelligence equates to a reliability on hope. A hope that they are not being talked about online or on the dark web. Hope isn’t good risk management, therefore it is important to have access to tools and threat management systems.