One thing about many industries is that there are a ton of acronyms for everything. The tech industry certainly has it’s fair share, as well as those in security. OSINT stands for Open Source Intelligence. You may also hear other terms like passive, or public, reconnaissance. The underlying theme of these terms is that public information is used, in some way, shape, or form, to discover risks/threats to a business or a person.
How businesses benefit
When it comes to businesses, roughly 80% of the risk/threat comes from inside. Some of these risks/threats include employees, contractors, and vendors. With the proliferation of social media, disgruntled employees may turn to these platforms to leak sensitive data. Rogue I.T., such as people bringing in their own routers, may open ports that are discovered externally by search engines. The same is true for misconfigured devices that the business owns. A server not set up correctly may allow search engines to index items that are not intended for public consumption. As a result of these examples, it is very possible that data and technology are accessible externally. By identifying these risks/threats, an organization is better able to control their environment.
Businesses also benefit from our service when looking for the external threats, whether it’s your website that might be vulnerable, or if login credentials were leaked somewhere, or if there is a malicious entity masquerading as your business, or if there is sensitive data that was uploaded somewhere publicly facing. Breached accounts put your company and clients at risk.
From a malicious actor mindset, gathering everything about your organization is the first, and most important step before carrying out an attack against your company. If you are in a particular industry, keeping an eye on emerging threats will allow you to put a plan in place to weather a storm; another benefit of OSINT.
Whether you are concerned about:
- Data breaches
- Loss of productivity
- Loss of data
- Insider threat
- Identity theft
We conduct research to uncover these issues and provide reporting to show any risks discovered, what they are, and how to go about fixing the issue.
Contact us now to start a conversation with us. We’re here to help.