With the passage of time, it is clear that cyber security is becoming a greater source of concern for most businesses. As a result, reports of large websites being hacked and their data stolen by cybercriminals are particularly alarming. OSINT is used by these organisations to collect public security exposures of their websites before they are made public or exploited by criminals. This type of task is usually delegated to the local IT department, and it usually starts with suspicious website visits.
Open Source Intelligence
(OSINT) is a branch of intelligence that derives information from publicly available data. It is particularly useful because of its ability to save resources while also allowing for strategic intelligence sharing due to its inherently public nature.
Why are OSINT assessments important for your business?
OSINT allows you to identify public security disclosures before attackers can find and exploit them.
What does OSINT entail?
Our experienced consultants will use a variety of resources to research the target prior to an attempted breach, should one be in scope. These techniques can include:
- Search Engines
- Email Harvesting
- DNS Records
- Social Media
- Public Records Physical
- Physical Perimeter Walk
- Dumpster Diving
- Shoulder Surfing
Web Application Testing
Web application attacks range in size and complexity, from the exploitation of vulnerable open source components, to app-specific attacks which take advantage of user controls. Internal web applications are at risk too, from disgruntled or malicious users who may find loopholes and use their position to wreak havoc. Learn more >
If you develop a software product or service, are you confident that it’s as secure as it can be? Your clients rely on you to keep their data secure, so if you’ve not had your product or service independently assessed, your reputation is at risk if a vulnerability is discovered. Learn more >