Thursday, April 10, 2014

Enterprise Open Source Intelligence Gathering

I just returned from Infosecworld. As with RSA, threat intelligence was a big topic. The session on "Enterprise Open Source Intelligence Gathering" was eye-opening. While I was familiar with some of the techniques used by the good guys and the bad guys, it's still amazing how easy it is to gather information from the Web, much of it PII or stuff that the military might classify as SECRET or above.
This session was lead by Tom Eston, who's Manager, Profiling & Penetration for SecureState. He has a really interesting blog, Spylogic. You might want to check it out.

More on Infosecworld after I catch up.