Open Source Intelligence (OSINT)
Sapphire’s open source intelligence (OSINT)
Each time an individual uses the internet to visit websites, access search engines or social networking sites they leave behind a digital footprint.
Publicly available information on your employees can form valuable intelligence in the reconnaissance phase of the cyber-attack chain. Be it comments on social media, a Skype call, an app or an email sent – their online history can be seen, tracked and exploited. The threat can be more significant especially if or when the target is senior management or a board member.
As the reliance on digital platforms increases, many organisations are now turning their attention to monitoring the threats posed to their organisation by the manipulation of readily available data.
Sapphire’s Open Source Intelligence (OSINT) service is designed to enable an organisation to identify its digital footprint online and take a proactive approach to increase its cybersecurity.
osint
Why Sapphire?
Sapphire’s OSINT team is tasked with analysing publicly available information from common data sources about employees, management teams, suppliers, and partners. This enables them to build a picture of susceptible individuals’ hierarchies and targeting packages and improve organizational awareness.
Here is why organisations choose Sapphire’s OSINT services to gather and analyse relevant information to reduce security risks:
Informed: Get a clear picture of your human attack surface as a threat actor for better visibility of human risk, screening recruits, and conducting due diligence.
Insightful: Run simulated attacks on individuals within your organisation to prepare target functions, such as finance, for real-world attacks.
Pragmatic: Foster a culture of security by combining simulated attacks with security awareness training.


open source intelligence
business benefits
Unlike social media platforms, which use trained algorithms to direct and analyse the flow of information, organisations need to take extra steps to prevent potential threats through employees and leaders.
The most significant benefit of all open-source intelligence tools is that they give businesses and their leaders or decision-makers complete, timely, and actionable data to positively influence decision-making. With adequate and accurate data, you can prevent attacks or solve them faster if they happen in real-time.
Here are some examples of open-source intelligence (OSINT) in action
1. Gathering data about an organisation, people, and services from search results on social media, search engines, or other social networks.
2. When law enforcement agencies use public resources online for data collection, that affects national security.
3. When an organisation’s security professionals use online tools to analyse the system’s security risks.
4. When users collect data, even sensitive information, about employees to run simulated attacks.

open source intelligence: key features
brand protection
One of the key aspects of OSINT is brand protection. Organisations use OSINT to prevent their brand from being exploited online (such as threat actors forging their digital assets). OSINT can also be used to ensure clients (or staff) cannot expose sensitive data to third parties, thus preventing cyber-attacks from becoming more accurate. OSINT can prevent reputational damage at C-Level / Executive protection for large organisations, where a chairman/CEO is known in the public eye or business community. It would be damaging to the person and the organisation if they were being misrepresented.
The security team often approaches Sapphire’s OSINT team to demonstrate potential attack vectors to C-level employees. By utilising the service’s open source element, an OSINT gathering can discover what information is easily accessible about board members, employees, or the organisation.
engaging the board
Identify rogue employees
Organisations concerned about their employees can engage with the Sapphire OSINT team. Our team can carry out an investigation that includes background checks and reviewing the individual’s activity and footprint across the internet. Supported by a full forensics investigation consisting of the individual’s devices or corporate servers, it is possible to ascertain if the employee is breaking organisation policies or procedures.