What information is there about you?
The Internet has existed for around 30 years. During that time, 300 million domains have been registered and filled with information. That information consists of both personal information and company information. The purpose of an OSINT investigation is to collect information from open sources on the Internet about a specific area and then analyze it. One can, among other things, track trends, find patterns, identify sensitive information that is publicly available and find vulnerabilities in companies and in certain specific key personnel that can lead to damage.
Proactive protection against cyber attacks • Reveals sensitive public information • In-depth searches of public systems
Open source intelligence
Our OSINT is aimed at organizations that have previously, to a certain extent, already worked with the basics of information security. The starting point for our OSINT is within the framework of information security and specifically cyber defense.
We identify and retrieve what information is publicly available at different levels, analyze it and show how it can be used to map and attack either specific individuals or the entire organization. With the results of our OSINT, you can take security-enhancing measures and spread awareness among employees.
Testimonials
Secify supports us in data protection issues and in our work with Data Privacy. In a trustworthy manner and with broad competence, Secify has contributed to our delivery.
Robert Ekvall, IT Security & Company Integration Lead
Några av våra kunder
Why Secify?
Our focus on the area of information security together with our long experience in OSINT projects means that we can see information from different angles from a security perspective.
We take exactly the same route as an attacker would, surveying available public information about the company. Next, we show how the attacker could exploit that information to carry out an attack. We use a number of different programs and have a fixed methodology, which leads to a well-executed work that includes the most important and most relevant parts.
Scenario
Take Social Media as an example. An attacker wants to carry out a targeted phishing attack (also called a phishing attack) against your company. The person goes to LinkedIn and copies the names of all the employees. Looking for HR manager or CEO and sending out a fake important message to all people on the list. Almost all companies in Sweden have förnamn.efternamn@företaget.se and we got the list of names from social media.
This is a possible scenario for a phishing attack. There are many other ways to attack an organization. Often this involves intentionally or unintentionally published sensitive information that can be used by an attacker. Even old published information can be a gateway to an attack.
