Whats is OSINT?
The information does not necessarily have to be secret to have great value, regardless of where a search is carried out, in the blogs that are visited daily to read the new entries, in the live broadcasts that are made in social networks, physical newspapers or digital that readers tend to read in the early hours of the day or even on posters pasted on walls, offer a large amount of information that allows to improve the understanding of the world, this information that is massively generated day by day is known as open source intelligence or OSINT.
OSINT therefore refers to the information collected from sources with access to the public, this information gathering process includes the search, selection and acquisition of data in order to process, analyze and generate intelligence or applicable knowledge regarding an specific objective.
On a daily basis and unconsciously, OSINT is used by people or companies, marketing, sales, communications, or product management teams use OSINT to investigate and increase conversions or to be more effective when providing a service.
In the field of cybersecurity, using adequate tools and techniques for investigations with OSINT can be very satisfactory, of course, you must have critical thinking and clearly analyze the intelligence strategy, this is because if the investigation that is carried out you are doing is against a company or a person, or if you want to find threats with the aim of eradicating them in your company, correctly defining these techniques and correctly targeting the objectives can save a lot of time.
With OSINT, it is possible to know who the new neighbors are, the new trends in the environment or in the market, even that of the competition of a certain company, it is possible to implement OSINT for many things such as:
- Search, track and trace of people, as well as the collection of employee information such as full names, jobs, software they use.
- Identification of threats to national security.
- Know the online reputation of people or entities.
- Identification of social networks and published content of the target user or company.
- Audit companies to know their level of exposure to the internet.
- Documentation, review of old versions of websites stored on the internet.
- Collection of photos, videos, locations, addresses, phone numbers.
- Technologies used by a website, plugin, open ports, DNS information.
- Identify the emails of company employees.
- Monitoring of personal and corporate blog, as well as the activity that the objective has in the interactive forums.
- Phishing and fraud.
- Malware and threats.
- Cryptocurrency activity.
This service offers a deliverable where all the findings of the investigation are detailed, this document depending on the type of investigation carried out and the scope that has previously been defined.