OSINT mindset to protect your organization

Jun 2019

17 Mon

18 Tue

19 Wed

20 Thu

21 Fri 08:45 AM – 05:40 PM IST

22 Sat 09:00 AM – 05:30 PM IST

23 Sun

Make a submission

NIMHANS Convention Centre, Bangalore

Tickets

##About Rootconf 2019:
The seventh edition of Rootconf is a two-track conference with:

Security talks and tutorials in audi 1 and 2 on 21 June.
Talks on DevOps, distributed systems and SRE in audi 1 and audi 2 on 22 June.

##Topics and schedule:
View full schedule here: https://hasgeek.com/rootconf/2019/schedule

Rootconf 2019 includes talks and Birds of Feather (BOF) sessions on:

##Who should attend Rootconf?

DevOps programmers
DevOps leads
Systems engineers
Infrastructure security professionals and experts
DevSecOps teams
Cloud service providers
Companies with heavy cloud usage
Providers of the pieces on which an organization’s IT infrastructure runs -- monitoring, log management, alerting, etc
Organizations dealing with large network systems where data must be protected
VPs of engineering
Engineering managers looking to optimize infrastructure and teams

For information about Rootconf and bulk ticket purchases, contact info@hasgeek.com or call 7676332020. Only community sponsorships available.

##Rootconf 2019 sponsors:

#Platinum Sponsor

#Gold Sponsors

#Silver Sponsors

#Bronze Sponsors

#Exhibition Sponsor

#Community Sponsors

Hosted by

Rootconf

Rootconf is a community-funded platform for activities and discussions on the following topics: Site Reliability Engineering (SRE). Infrastructure costs, including Cloud Costs - and optimization. Security - including Cloud Security. more

All submissions

Previous Next

OSINT mindset to protect your organization

Submitted Apr 21, 2019

Technical level: Intermediate

Information on the public internet is increasing exponentially. The public information about your organization includes employees, email addresses, public facing digital assets (domains, subdomains & IP addresses), documents, policies and much more. Anyone having access to internet could gather more information about your organization than you think.

Open Source Intelligence, also known as OSINT in short, is an art of gathering publicly available data to derive useful information. The usage of the information is upto the OSINT investigator, it could be used for or against your organization. In this talk we would dive into an OSINT investigator’s perspective of information. We would have a detailed look at different ways one could gather information about your organization and how the information could be used in weakening or compromising your security.

We would end the session with the available ways to reduce harmful effect of your public information. The attendees would leave the talk with a deep understanding of how information could harm against you, along with ways to prevent it.

Outline

What is OSINT ?
The OSINT Mindset
What do you know about the organization ?
- Products
- Acquisitions
- Investors
- Supply Chain
What do you technically know about the organization ?
- Domains & Subdomains
- Digital assets, IP addresses & their open ports
- Technology stacks used
Did you check out the employees ?
- Email addresses
- Online coding
- Online content sharing
- Username and password reuse
OpSec as a defensive measure

Speaker bio

Chandrapal Badshah is a security researcher and open source enthusiast. He is the founder and maintainer of “Hack with GitHub” – an initiative to showcase open source security tools on GitHub. He has contributed to multiple projects revolving around mobile app security, automation and open source intelligence (OSINT). He has given multiple talks including those at Null community monthly meets. He is an active member at Null Bangalore and contributes to the community as a chapter lead.