What Is It?
Open Source Intelligence (OSINT) gathering is the activity of gathering and analysis of publicly available and legally accessible data to form information about a specific organisation, person or area of interest.
Why Assess It?
There are many reasons to conduct an open source intelligence security assessment, five of which are below.
Understand Your Exposure
There is a lot of data available which takes time and skill to find but you can obtain all the capability by using an open source intelligence assessment, where the data is reviewed, triaged for risk and then used to enrich other data points to provide an informational overview of where your organisation is exposed.
Refine Organisational Training
The identification of data that could be of use to a threat actor allows you to understand how it got there, which means training and processes can be refined to stop further information disclosure.
Identify At Risk Personnel
During an open source intelligence assessment you can discover who in your organisation would be a high priority target for any would be threat actor looking to launch a targeted phishing or vishing attack. It is also possible to make a prediction about how any such attack would take place, allowing you to stay one step ahead of the threat actors. This activity also can be useful in validating how much information is exposed regarding sensitive positions in an organisation such as if the Chief Executive Officers home address is discoverable for example.
Secure Information Disclosure Points
Data discovered during open source intelligence activities has originated somewhere. Sometimes this is through a lack of awareness on what the organisation publishes externally. Conducting this exercise allows you to validate what your organisation exposes and that it, for example, appropriately sanitises documents metadata in files so usernames and internal file share names are not leaked.
Research Competitors
Open source intelligence activities are legal to conduct against any target, meaning this can be used by your organisation to enumerate how a competitors organisation works to help you maintain a competitive advantage.
The Agility Cyber Approach
Like all our engagements, we want you to get the most out of your open source intelligence security assessment and we do this by:
Multi-Domain
We are not solely focused on one category of data and understand that to provide truly valuable information we need to work across the multiple domains such as conducting reconnaissance on not just the organisation but its people, property, processes as well as suppliers and other relationships.
Data Enrichment
Data is a single point which can be misleading, inaccurate or simply incorrect. We counter this by ensuring that we pair data points together to build up an information picture, allowing us to discover even more whilst ensuring that what has been discovered results in actionable information and is free of inaccuracy.
Extensive Discovery
There are no fixed sources for open source intelligence activities. We will utilise certain sources across engagements, but we are not constrained by this and will always strive to provide you the clearest and most comprehensive picture.
Actionable Recommendations
Once information is in the public domain, especially when present on the Internet, it is nigh on impossible to remove securely. However that does not mean the recommendations have to be vague or high level. We always give actionable recommendations because even though the information is out there, it does not mean your security response has to be static.
Breach Identification
Whilst conducting the open source intelligence activities we always bear in mid the possibility that we are not the only ones who have or are looking into your organisation or chosen target. If we come across something that is indicating an imminent attack, we will raise it as a priority and if we think you have been breached then we will disclose this to you immediately with suggested responsive actions you can take.
Benefits of Partnering with Agility Cyber
Mutually Invested
Our experts work with you, not against you. There are no egotistical celebrations when a serious issue is discovered, just rapid full disclosure with pragmatic suggestions for effective remediation followed by ongoing support.
Clarity and Simplicity
We always provide clarity, believe in simplicity and value your time. An example is rather than waiting until the engagement starts, we will conduct open source intelligence gathering activities before the scoping meeting to help us understand your organisations position and risk posture thus enabling us to ask better questions, securing you higher value and saving you time.
Full Consultancy
Our team, based in the UK, is technically exceptional but we pair that with business sense to discover, triage and help you remediate the full range of security issues.
Impartiality
We are impartial, we do not sell you products or the latest buzzword laden trending solution.
Outstanding Service
We have an industry leading turnaround, agility is in our name after all. Proposals are shared with you within 24 hours of the scoping meeting. Accurate and complete daily debriefs are given during every engagement. The report is shared within 5 working days at the latest.