<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=254990494906321&amp;ev=PageView&amp;noscript=1">

DATA DISCOVERY FOR THREAT INTELLIGENCE

Paula Hingley March 21, 2019 OSINT, Open Source Threat Intelligence

It is estimated that 90% of the world’s data has been created in the last two years alone. What that means for businesses is that they may be significantly more vulnerable to information breaches than ever before. Every new employee brings new risks to a company. As they grow, organizations become more susceptible to phishing scams or other information related attacks.

New call-to-action

In recent years, data discovery has become a critical process for companies and their in-house security teams in order to mitigate these risks. Data discovery platforms like Echosec are used extensively for these purposes.

Echosec specializes in the gathering and aggregating of open source online data for threat intelligence.

Data Discovery Threat Intelligence

Examples of open source data include:

  • Public social media data
  • Blogs
  • News sources
  • Public dark web data
  • Online forums

By gathering and filtering information from these sources, companies can determine which information is crucial to know, and act on it.

Dark Web Discovery

Fielding requests from our clients for more diversified data sources, Echosec recently released a dark web discovery tool called Beacon.

Beacon gives our clients the ability to detect security issues around their business, their clients, their employees, and their locations. It does this by surfacing darknet data that is otherwise difficult to sift through.

The dark web itself does not have a high barrier to access. A Tor browser is all that is needed to access these sites. Navigating the dark web, however, comes with a range of challenges.

Due to the nature of dark web content, most organizations do not allow their employees to use the Tor browser.

Dark Web Search

Dark web data is also unstructured and unindexed, making it incredibly difficult to find anything of real meaning. Black markets and illegal activity are rampant on dark web sites, and disturbing information could be lurking around any corner.

Many organizations outsource these investigations to third party agencies, which can be very expensive.

For these reasons, a safe, anonymous, in-house dark web discovery tool is a necessary investment for data exploration beyond the surface web.

Social Media Data Discovery

When most people think about social media, their minds jump straight to morning cappuccinos and cat videos. And although cat content is still popular in the social sharing landscape, social media is also full of critical information for threat intelligence.

When aggregated and organized, social media posts create a wealth of information about a given location, topic, or event. This data supports incident response, executive protection, retail loss prevention, and public safety.

Social media networks supply data that is indispensable for threat intelligence. However, searching these networks one-by-one is time consuming. Today’s security teams need real-time data, aggregated from as many sources as possible to stay on top of critical threats.

social-media-intelligence

Example:

During the Rio Olympics in 2016, Echosec was used by a security team for executive protection. When the system detected a picture of a gun posted on social media along the exit route, the team deemed it as a significant threat. They were able to react and reroute the executive to a different exit airport.

This is just one example of why real-time social media data is a critical source for threat intelligence.

The Value of Alternative Data

Information from social media and darknet sources are increasingly important to observe for threat intelligence purposes. This type of data is very useful for discovering patterns and trends related to human behavior and our interaction with technology. It is also crucial for staying on top of any information leaked by employees or associates that could end up in the wrong hands.

These data sources can help security teams observe and qualify which entities within their organizations need to be better protected. Social media data sources and other web content add additional context to traditional security data. They provide information about when and where the content originated, as well as information about who is interacting with the content.

Data discovery tools and social listening platforms help companies understand patterns and trends in the world. These insights can guide organizations to optimize the safety and security of their information, their employees, their customers, and their brands.

New call-to-action

Analyzing patterns and trends helps companies make better decisions. Echosec is helping these companies by providing them with faster access to information which is otherwise expensive and time consuming to gather.

Echosec and Beacon gather public social media and dark web data which provides what is essentially an ‘information security safety net.’ Users can export the data to perform advanced analysis and derive more detailed information from the content. Accessing this data in one platform and reducing the need for the Tor network is critical for today’s security workflow.

To book a discovery call with a member of our team, use the button below.

BOOK A DEMO