Infosec Intelligence - Tools, Tips and Tricks

As threats and attacks continue to grow and evolve, security practices and solutions that will provide predictability and inform better defenses are more important than ever.

Intelligence, in terms of cybersecurity, is the collection, evaluation and response to data gathered on an organization's network and their IT infrastructure, along with the use of that collected data to assess and improve an organization's security posture.

Similarly, intelligence gathering involves the assessment of a piece of data that doesn’t hold context, and adding context to give it actionability and understandability in order to process it. It is the combination of information to tell a story, which informs better decision making and provides a tool to make intelligent predictions about the future — based on the understanding of the present.

Intelligence gathering is recognized by different types, based on the data collected and the way it’s collected; OSINT (open source intelligence), CYBINT (cyber intelligence) and HUMINT (human intelligence) being the three types most often used in cybersecurity. Intelligence is important as we have seen data breaches where the target was informed about the breach only after a third party had notified them, even if their log files contained evidence of intrusion.

To avoid being blindsided by attacks, and to more easily identify and stop malicious attackers, the collecting, analyzing and prioritizing of all assets an organization owns will provide actionable intelligence that can empower the existing security tools.

Now that we’ve reiterated the importance of intelligence gathering, here’s what you can learn in our category of the same name. From showcases of our proprietary intelligence tools like SurfaceBrowser™ and tools we love to perform intelligence gathering with like OSINT Framework to in-depth posts on OSINT, the best OSINT tools available, and attack surface, we have it all in our “Intelligence” category.

Cyber Counterintelligence: When Defense Alone is No Longer Sufficient.
SecurityTrails Blog · Mar 05 2020 · by Sara Jelen

Cyber Counterintelligence: When Defense Alone is No Longer Sufficient

“The best defense is good offense” is a saying that can be applied to many fields: military, games, business… and cybersecurity. However, the standard ‘defense-only’ approach many organizations have been taking is simply not sufficient for dealing with the current threat landscape. And just as intelligence services keep an eye on terrorists to stop them before they attack, organizations should move towards adopting the offensive approach to protect their infrastructure and systems.

IP Intelligence: The Fuel Behind Modern Cybersecurity.
SecurityTrails Blog · Mar 05 2020 · by Esteban Borges

IP Intelligence: The Fuel Behind Modern Cybersecurity

We’ve published a lot of articles that involve the ‘intelligence’ topic, because it’s one of the most requested subjects for both blue and red teams. And despite what many non-technical people may think, cybersecurity isn’t only defined by DDoS attacks, massive defacing, and other popular types of cyber crime, it’s also defined by intelligence data.

What is OSINT? How can I make use of it?.
SecurityTrails Blog · Last updated on Apr 22 2020 · by Esteban Borges

What is OSINT? How can I make use of it?

In the past months, we have reviewed a couple interesting OSINT utilities. In fact, a few weeks ago, we also published the best OSINT Tools as a great resource for everyone starting an information security investigation. But one thing is missing for all those who have just been introduced to the fascinating world of cybersecurity: the key concept of OSINT.