OSINT Summit — Learn All The Things

Thanks for attending my talk at the OSINT Summit

SANS OSINT Summit 2019

Greetings internet friends! If you are here hopefully you attended the 1st ever OSINT Summit held by SANS in Alexandria, VA on February 25th, 2019. If you didn’t attend the summit I’ll try to make this entry a useful resource as a standalone piece.

First off here is a little bit about the summit.

I was one of 8 speakers at the Summit event which featured a broad range of professionals with experience using open source intelligence in different ways. Talks ranged from casual and informative to highly technical. The summit organizers did a great job with the speaker lineup. The summit was available as a single day ticket which was great for any professionals local to the DC area. It was also available as an add-on to anyone taking one of the offered trainings that week:

SEC301: Introduction to Cyber Security

SEC401: Security Essentials Bootcamp Style

SEC487: Open-Source Intelligence (OSINT) Gathering and Analysis

SEC501: Advanced Security Essentials - Enterprise Defender

My talk title was

OSINT: Breach Data, Ethics and OpSec… Oh my!

Data breach has become a regular fixture in our information security headlines. One of my early slides referenced some of the bigger data breaches from the last several years. The site I referenced for some of the stats came from Informationisbeautiful.net. That website has breach data history going back to 2008 and is very handy for research on this type of data.

https://informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

The use of breach data in an OSINT investigation is something you as an investigator need to determine wether or not is in scope for you, your company or your clients. If you determine that using breach data IS something that is acceptable for you to use professionally the next thing to do is know where to look for it.

The OSINTframework website continues to be one of my go to resources during OSINT research. There is a breach data branch in the framework with several good sites to start with.

Have I been pwned by Troy Hunt has been a long time resource for finding out if credentials are tied to a particular data breach.