ThreatNG Security

View Original

OSINT Poll

The list of “intelligence” to collect, analyze, assess, report, and monitor is vast with never ending possibilities of disciplines and categories. With so much “out there”, we want to take a poll and ask, “What are the most important sources of information that you use to investigate and manage the risk posture of your organization?”

From our own experience, we believe the following to be some of the most popular or common to most organizations:

Certificates

Cloud Infrastructure

Code Repositories

Dark Web

Email

Employee and Employment Sentiment

IPs/Ports/Protocols Related information

Lawsuits

Layoff Announcements and Warnings

Online Text Sharing (i.e. Pastebin, Gist, etc.)

Organization Executive or VIP Online Presence

Metadata

Private Company Funding Information

Subdomains

Social Media

Search Engine Dorks

Securities and Exchange Commission Filings

Security Policies (i.e Bug Bounty, Security.txt, Privacy and Legal Policies, etc.)

Technology Stack

Website Archives

Do you agree? Disagree? What would you add to the list?

“Comment” below, or “Email” us with your thoughts.