Infosec Intelligence - Tools, Tips and Tricks
As threats and attacks continue to grow and evolve, security practices and solutions that will provide predictability and inform better defenses are more important than ever.
Intelligence, in terms of cybersecurity, is the collection and evaluation of, and response to, data gathered on an organization's network and IT infrastructure, along with the use of that data to assess and improve the organization's security posture.
Similarly, intelligence gathering involves taking a piece of data that lacks context and adding context to make it understandable and actionable. It is the combination of information to tell a story, which informs better decision making and provides a tool for making intelligent predictions about the future, based on an understanding of the present.
Intelligence gathering is divided into different types, based on the data collected and the way it’s collected; OSINT (open source intelligence), CYBINT (cyber intelligence) and HUMINT (human intelligence) are the three types most often used in cybersecurity. Intelligence is important because we have seen data breaches where the target learned of the breach only after a third party notified them, even though their log files contained evidence of intrusion.
To avoid being blindsided by attacks, and to more easily identify and stop malicious attackers, the collecting, analyzing and prioritizing of all assets an organization owns will provide actionable intelligence that can empower the existing security tools.
Now that we’ve reiterated the importance of intelligence gathering, here’s what you can learn in our category of the same name. From showcases of our proprietary intelligence tools like SurfaceBrowser™ and tools we love to perform intelligence gathering with like OSINT Framework to in-depth posts on OSINT, the best OSINT tools available, and attack surface, we have it all in our “Intelligence” category.

Cyber Counterintelligence: When Defense Alone is No Longer Sufficient
“The best defense is good offense” is a saying that can be applied to many fields: military, games, business… and cybersecurity. However, the standard ‘defense-only’ approach many organizations have been taking is simply not sufficient for dealing with the current threat landscape. And just as intelligence services keep an eye on terrorists to stop them before they attack, organizations should move towards adopting the offensive approach to protect their infrastructure and systems.

IP Intelligence: The Fuel Behind Modern Cybersecurity
We’ve published a lot of articles that involve the ‘intelligence’ topic, because it’s one of the most requested subjects for both blue and red teams. And despite what many non-technical people may think, cybersecurity isn’t only defined by DDoS attacks, massive defacing, and other popular types of cyber crime; it’s also defined by intelligence data.

Cyber Crime Investigation Tools and Techniques Explained
Investigating a crime scene is not an easy job. It requires years of study to learn how to deal with hard cases, and most importantly, get those cases resolved. This applies not only to real-world crime scenes, but also to those in the digital world.

Cyber Threat Intelligence
We are living in the age of data. The explosive data growth we are experiencing shows no signs of stopping, as reports show that the size of total worldwide data will grow to 163ZB in the next 10 years.

Top 10 Cyber Attack Maps for Visualizing Digital Threat Incidents
A new study by Bromium shows that digital crime revenue has grown to $1.5 trillion annually in illicit profits. Popular websites including GitHub, EA and many others face bigger, more sophisticated attacks every day, falling victim to the growing trend of cybercrime.

OpSec: A Vital Part of Any Cybersecurity Program
We all have something to hide. Even though humans are social beings, there are some things we want to keep to ourselves, and it’s been like that since the beginning of humankind.

Data Intelligence: What is it and why is it so important?
The process of digital transformation has brought us many new developments, and more businesses are becoming data-driven as they are not only able to monetize that data directly, but can also utilize it for future decision-making.

SurfaceBrowser: a Passive Intelligence Tool for Exploring the Surface of Any Company
A few weeks ago we launched our new IP, Domain and Company Enrichment Feeds, and today we’re excited to show you one of the most robust information gathering utilities available on the Internet.

Top CVE’s exploited in the wild
In previous posts, we’ve explored ways to avoid security issues by hardening DNS servers, and also by following best SSH Security practices. However, today we are not going to show you how to protect against attacks. Instead, we will show you the top 10 most dangerous vulnerabilities exploited in the wild during the current year.

What is OSINT? How can I make use of it?
In the past months, we have reviewed a couple of interesting OSINT utilities. In fact, a few weeks ago, we also published the best OSINT Tools as a great resource for everyone starting an information security investigation. But one thing is missing for all those who have just been introduced to the fascinating world of cybersecurity: the key concept of OSINT.