Infosec Intelligence - Tools, Tips and Tricks
As threats and attacks continue to grow and evolve, security practices and solutions that will provide predictability and inform better defenses are more important than ever.
Intelligence, in terms of cybersecurity, is the collection, evaluation and response to data gathered on an organization's network and their IT infrastructure, along with the use of that collected data to assess and improve an organization's security posture.
Similarly, intelligence gathering involves the assessment of a piece of data that doesn’t hold context, and adding context to give it actionability and understandability in order to process it. It is the combination of information to tell a story, which informs better decision making and provides a tool to make intelligent predictions about the future — based on the understanding of the present.
Intelligence gathering is recognized by different types, based on the data collected and the way it’s collected; OSINT (open source intelligence), CYBINT (cyber intelligence) and HUMINT (human intelligence) being the three types most often used in cybersecurity. Intelligence is important as we have seen data breaches where the target was informed about the breach only after a third party had notified them, even if their log files contained evidence of intrusion.
To avoid being blindsided by attacks, and to more easily identify and stop malicious attackers, the collecting, analyzing and prioritizing of all assets an organization owns will provide actionable intelligence that can empower the existing security tools.
Now that we’ve reiterated the importance of intelligence gathering, here’s what you can learn in our category of the same name. From showcases of our proprietary intelligence tools like SurfaceBrowser™ and tools we love to perform intelligence gathering with like OSINT Framework to in-depth posts on OSINT, the best OSINT tools available, and attack surface, we have it all in our “Intelligence” category.

What is DNS Intelligence?
We've written about the importance of IP addresses before, such as in our article exploring IP intelligence. In that piece we dived into how useful IP data is for the entire internet, as well as the critical role it plays in the cybersecurity industry.

IP Intelligence: The Fuel Behind Modern Cybersecurity
We've published a lot of articles that involve the 'intelligence' topic, because it's one of the most requested subjects for both blue and red teams. And despite what many non-technical people may think, cybersecurity isn't only defined by DDoS attacks, massive defacing, and other popular types of cyber crime, it's also defined by intelligence data.

Cyber Counterintelligence: When Defense Alone is No Longer Sufficient
"The best defense is good offense" is a saying that can be applied to many fields: military, games, business... and cybersecurity. However, the standard 'defense-only' approach many organizations have been taking is simply not sufficient for dealing with the current threat landscape. And just as intelligence services keep an eye on terrorists to stop them before they attack, organizations should move towards adopting the offensive approach to protect their infrastructure and systems.

Cyber Crime Investigation Tools and Techniques Explained
Investigating a crime scene is not an easy job. It requires years of study to learn how to deal with hard cases, and most importantly, get those cases resolved. This applies not only to real-world crime scenes, but also to those in the digital world.

Ripped from the Headlines: Discovered Link Between Jacob Wohl and Surefire Intelligence
SecurityTrails data can be leveraged for many uses, ranging from helping security researchers and companies defend against future attacks with up-to-date data to helping non-technical users discover valuable information about the legitimacy of companies and their domains.

What is OSINT? How can I make use of it?
In the past months, we have reviewed a couple interesting OSINT utilities. In fact, a few weeks ago, we also published the best OSINT Tools as a great resource for everyone starting an information security investigation. But one thing is missing for all those who have just been introduced to the fascinating world of cybersecurity: the key concept of OSINT.

Intelligence collection about your competitors using SecurityTrails, featured by Syed Balkhi
SecurityTrails can be used to discover the future plans of your competitors. See how.