McHughSecurity

OSINT for Threat Intelligence

Posted on March 14, 2020 By A.McHugh

Threat Intelligence seems to be a significant buzzword nowadays, but it is available in abundance from a wide range of curators and commercial suppliers.

So what does it take to correlate observables, such as precursors, to determine whether they are indicators of compromise, and who generated them?

This post talks briefly about the effort I am investing in a final project for a Master's degree in Information Systems Security through Charles Sturt University.

Broadly, the topic aims to describe how Open Source Intelligence can inform a Security Analyst of external threats, and how that information may be used to better inform the business of its threat landscape.

If you are interested in seeing the progress on this project, I have a dedicated blog for this purpose.

Head over to ITC571McHugh.WordPress.com and follow it to get the updates.

Copyright © 2022 McHughSecurity.
