Open Source Intelligence
Service Summary
Open source intelligence (OSINT) is the process of identifying, harvesting, processing, analyzing, and reporting data obtained from publicly available sources for intelligence purposes.
Open source intelligence analysts use specialized methods to explore the diverse landscape of open source intelligence and pinpoint any data that meets their objectives. OSINT analysts regularly discover information that is not broadly known to be accessible to the public.
OSINT includes any offline or online information that is publicly available, whether free of cost, purchasable or obtainable by request.
SECWALLS provide a professional team preform an OSINT investigation on your assets. Our team collect and analyze information from online sources, OSINT assessment starts with just the domain name. We use a variety of tools to gather information about your organization, subdomains, pastebin URLs, username/email harvesting, and information disclosure on the dark web, including Advanced Google Hacking techniques.
Key Challenges Addressed
Many information sources detail valuable data via OSINT such as usernames, job titles, contact details, and recruitment information that can be used to build a detailed picture of an organisation and their people.
This can be used by malicious actors to target their attack and improve their likelihood of success. To address this, organisations need to understand where information is leaking and how it could be used against them.
However, searching for OSINT can return overwhelming amounts of data, much of which might not prove useful. Instead, organisations need a clear strategy in place for acquiring accurate information that will help them focus their efforts. Given that this requires experience searching for OSINT and a strong understanding of how it can be used, it is uncommon to find these capabilities within most organisations.
Our Open Source Intelligence Methodology
Source Identification
This phase consists of Google search engine reconnaissance, server fingerprinting, application enumeration, and more. Information gathering efforts result in a compiled list of metadata and raw output to obtain as much information about the application's makeup as possible.
Harvesting
The vulnerability analysis step involves documenting and analyzing vulnerabilities discovered due to Information Gathering and Threat Modeling. This step includes the analysis of output from the various security tools and manual testing techniques.
Data Processing
Process the identified source's data and extract meaningful insights. Analysis : Combine the processed data from multiple sources.
Reporting
Create a final report on findings
