Building visualisation platforms for OSINT data using open source solutions

Abstract

Reconnaissance is about gathering information. The information gathered is only as good as the insights and actionable decisions that we can gain from it. A lot of research is focused on finding OSINT data but little is done towards converting the data into insights and actionable decisions. Visualisation is an easy and efficient way to gain insights from any the data gleaned.

In this workshop, we will look at how we can gather OSINT data and visualise it using free and open source solutions. Visualising data is not enough, we’ll also look at how we can use the metrics to answer business questions and lead to actionable decisions.

We’ll tackle the problem by breaking it into following steps

  • Gathering OSINT data
  • Storing the OSINT data
  • Processing & visualising the data
  • Gaining insights and making actionable decisions

Some specific use-cases we’ll look at during the workshop includes

  • Monitoring an organisation’s SSL/TLS certificates, domains and subdomains in near-real time
  • Creating dashboards using public datasets(scans.io) to gain insights into an organisation’s external posture
  • Building monitoring and alerting solutions using OSINT data that will help us take business decisions

Participants will get

  • Step by Step Gitbook covering the entire training (html, pdf, epub, mobi)
  • Custom scripts, playbooks and tools used as part of the workshop
  • Scenarios that can be readily implemented for your use cases
  • References to the data used in the workshop”

Date
Wednesday, 11 Jul 2018 00:00 UTC
Event
Recon Village 2018
Location
Las Vegas, USA
Madhu Akula
Madhu Akula
Never Ending Learner!

Madhu Akula is a pragmatic security leader and creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and cloud native security researcher with an extensive experience. Also he is an active member of the international security, devops and cloud native communities (null, DevSecOps, AllDayDevOps, AWS, CNCF, USENIX, OWASP, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), CKS (Certified Kubernetes Security Specialist), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26, 27, 28, 29, 30), BlackHat (2018, 19, 21, 22 & 23), USENIX LISA (2018, 19 & 21), SANS Cloud Security Summit 2021 & 2022, O’Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018, 19, 22), All Day DevOps (2016, 17, 18, 19, 20, 21 & 22), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18 & 20), Nullcon (2018, 19, 21 & 22), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc and credited with multiple CVE’s, Acknowledgements and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. He is the technical reviewer for Learn Kubernetes Security, Practical Ansible2 books by Packt Pub. Also won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.