Open Source Intelligence (OSINT)

The Situation

Companies often do not know their own attack surface. The existing data about externally accessible servers or network services are incomplete, old or unmaintained. In addition, the increasing outsourcing of IT and the use of third-party services means that the limits of your own security perimeter are disappearing. The acquisition and integration of new companies into the existing IT landscape is also constantly changing the company’s own attack surface. As a result, their own risks are largely unknown and  often underestimated.

Our Solution

As our own ISP with more than 1024 Scan-Nodes, we regulary conduct distributed global Internet scans (2.8 billion IPv4 addresses) and store each network services and vulnerability information for all identified companies in our database.

With the help of our OSINT analysis we can identify your real attack surface, eliminate shadow IT and identify potential weak points of your company or your third party provider. This allows you to preventively reduce your attack surface and sustainably improve your security.

Leaked Data and Social Scanning

It happens again and again that leaked data is published or offered for sale. For example, private login data is often traded, which of course can also be traced back to employees of companies. This may allow an attacker to gain access to internal systems.

We analyze for you which information is available in leaked password databases and social networks about your employees and how this information can be used against your company.

References

We have presented our solution on the “Chaos Communiation Camp 2019”.  You can get the video here.

Our scientific paper about advanced scanning tatics. Download PDF here:

Towards Better Internet Citizenship: Reducing the Footprint of Internet-wide Scans by Topology Aware Prefix Selection

J Klick, S Lau, Prof. M Wählisch, Prof. V Roth – Proceedings of ACM Internet Measurement Conference (IMC) 2016