14 March 2007

OSINT 2: When is it time?

In our last post we were exploring the "Open Source Intelligence" discussion. We said that we were going to continue the arguments. We wonder why some companies don't have a more proactive OSINT operation in their own institution looking at potential threat intel. While there are very expensive services that can package up exactly what you are looking for, sometimes it just takes a little more time and the right "Sources." Take Michael Sutton's Blog for instance:
Phree Phishing
I recently blogged about the phishing pages that I found during a Tour of the Google Blacklist . In that posting I noted how I was surprised to find that Yahoo! was actually hosting phishing sites designed to phish Yahoo! credentials. Not surprisingly, Read More...

Filed under

A Tour of the Google Blacklist
[Update 01.10.07: In response to some of the queries that I've been receiving, I've published a follow up blog to discuss the structure/decryption algorithm of Google's Encoded/Hashed Blacklist .] I recently decided to devote a day to walking Read More...
Posted 04 January 07 12:48 by msutton

Filed under , ,

You could get a service from Michael's X-Lab, at iDefense or even a more wide range of collection capabilities from the likes of Cyveillance to assist the in-house OSINT operation. Throw in some Stratfor, OSAC and one or two variations of Symantec or Qualys and you have it mostly covered. Except for one thing. Plenty of "Gray Matter."

We might agree that there is more information out there than anyone could possibly imagine accessible with a few clicks and keystrokes. Yet the easy part is the collection and the filtering or storage. Making any sense of it all with the relevance you seek is the "Holy Grail" for you, today. But that might change tomorrow.

It's the consistent development of a new hypothesis and testing it that determines who will get the next new piece of information ready for OSINT. And still the question remains. Will this be better kept secret, or out in the "Wild"? The argument usually isn't whether the results of the test should be published, it's more about when.

Open Source Intelligence is going to be around for some time to come. The tools are getting even better to find and process information. The only real impediment will continue to be those who want to wait and hold on to it a little longer. And remember this:

OSINT: If Intelligence were a baseball game...

No comments:

Post a Comment