Cyber threat intelligence: How to use OSINT

Where do Cyber Threat Intelligence (CTI) and Open Source Intelligence (OSINT) rank on the priority list of IT security leaders? Which tools should they use, and what's the recommended playbook?

We asked Jake Williams, SANS instructor and president/founder of Rendition Infosec. Jake is a U.S. Army veteran and former DoD Network Exploitation operator whose expertise includes secure network design, penetration testing, and incident response.

Nick Espinoza, Head of Special Services at Authentic8, interviewed Jake about How to Use OSINT for Cyber Threat Intelligence Investigations for this short video (6 min.) in our mini-series discussing various CTI methods, tools, and techniques.

In this series, we highlight practical aspects of OSINT collection and management. They are covered in-depth by Authentic8’s 2020 Cyber Threat Intelligence Survey, which was designed to provide CTI practitioners with best practices and guidelines. Its results will be presented in a webinar on March 19th.

In this video, Nick and Jake discuss the use of OSINT for cyber threat intelligence researchers and its value for mature vs. nascent organizations.

• What organizations benefit from formal CTI and OSINT programs?
• What's the relevance of counterintelligence and anonymity for investigators, and how can they manage attribution when "facing" off with adversaries online?
• What's  the "baseline toolkit" analysts and researchers should have when gathering cyber threat intelligence online?

Watch as the SANS instructor explains why in business, "nobody is too small to have some sort of CTI program."

This conversation can only scratch the surface. Mark your calendar and register here for our 1-hour webinar on March 19th, when a panel of four industry experts will discuss the CTI 2020 survey findings and how CTI professionals can leverage them.

Every attendee will receive a copy of the Cybersecurity Insider report: Cyber Threat Intelligence Survey 2020.