Organisations purspective

Organisations can use OSINT to better understand their risk and threat posture. Once this has been established, organisations can use this intelligence to help develop better defensive strategies. OSINT can be used for the following:

1. Board level - OSINT can be used to examine the attack posture of C-suite and board members within an organisation. Cybercriminals and threat actors will carry out OSINT gathering towards an organisation to obtain intelligence around an organisaitons board members. Intelligence can be gathered from Social media sites, company websites, and freely available articles/whitepapers. Digital footprint.

2. Brand and business reputation - Monitoring of social media platforms and review sites can help with any escalation.

3. Data Leaks - OSINT can be used to investigate and triage data leaks.

4. Situational awareness - No matter where you are in the world situational awareness is key. OSINT plays a part in protecting an organisation’s physical facilities and employees. Certain regions and countries will have different threat and risk levels. OSINT is used to monitor situations either before or as they unfold.

5. Insider threats - OSINT can be used by various means to discover insider threats.

6. Real-Time Incident Response - OSINT can be used to help triage and investigate real-time incident response,

Some sources of OSINT:

• IP addresses

• Domain Name System (DNS)

• Usernames

• Email addresses

• Social networks / Social media post

• Metadata (social media content, images, video, blogs etc.)

• Public records

• Telephone numbers

• Blogs and messaging sites