Finding the Open Source Intelligence (OSINT) that affects your business or agency can help reduce your attack surface. You just have to find it first. Take a look at how OSINT works and how to secure it.
According to the Office of the Director of National Intelligence, Open Source Intelligence (OSINT) “is publicly available information appearing in print or electronic form including radio, television, newspapers, journals, the internet, commercial databases and videos, graphics and drawings.”
A Primer on OSINT
After you’ve found that OSINT exists in your business, you need to take a closer look in order to lock it down. The Open Web Application Security Project (OWASP) offers a five-step process for managing it:
Find the source: Determine the source at which to look for OSINT.
Harvesting: Obtain relevant data from the source you found.
Data processing: Process the data obtained from the source to uncover its meaningful information.
Analysis: Join that information across multiple sources.
Reporting: Create a final report on what they’ve found where.
Doing this makes it easier to know what assets you have and what those devices might have access to. That includes whatever someone can find in public without digging or breaking into any networks. That might be public assets within the company or in social media posts. Look for employee posts threat actors could use for a phishing attack, documen ..
Support the originator by clicking the read the rest link below.
