Open-source intelligence, or OSINT, is a powerful tool for gauging the security posture of an organization. Performing OSINT searches typically involves searching public repositories for information that may be useful to an attacker. At CTInfoSec, OSINT searches are part of every External Network Penetration Test that we perform and can also be requested on an ad hoc basis.
Using OSINT as a tool to gauge the health of an organization with a ‘score’ is now marketed by some firms as a security service, allowing competitors and partners to gauge where they stand versus other organizations. Although this can be another helpful tool in a CISO’s arsenal, these scoring searches are limited because they focus only on publicly available data, so they often miss context, value, and actual risk. Although OSINT has a role and provides good discovery across a wide range of sources, we see it as just one more piece in the risk posture puzzle.
It is important that organizations keep their online persona clean. Here are a few ways that you can quickly boost your OSINT scores today.
- Disable weak TLS cipher support and standardize on the latest versions of TLS.
- Ensure all certificates are valid. No self-signed and no expired certs.
- Implement DKIM and SPF on all domains. This goes for test and parked domains as well. Anything that can be linked to the company should be protected.
- Do not run risky services on the perimeter. No RDP. No telnet. No database access.
- Keep the external services up to date. This is especially true for software with known, actively exploited vulnerabilities. See the CISA KEV list for a starting point.
- Avoid hosting recursive external DNS servers.
- Check your company websites for sensitive data and files regularly.
- Tighten up web server configurations, removing things such as dangerous HTTP verbs.
- Lock down domain settings by restricting domain transfers.
- Don’t have a breach! Yes, this is always a goal, but companies that report breaches are tracked, and a reported breach can have a long-lasting negative effect on the score.
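To make the checklist concrete, here is an added example (not code from the original post or from CTInfoSec) that evaluates constructed observations of a single host against the items above and reports which ones would count against a score. The weak-protocol set, the risky-port list, the dangerous-verb set and the sample host data are all assumptions chosen for illustration.

```python
from datetime import date
WEAK_TLS = {"SSLv3", "TLSv1", "TLSv1.1"}
RISKY_PORTS = {23: "telnet", 3389: "RDP", 1433: "MSSQL", 3306: "MySQL", 5432: "PostgreSQL"}
DANGEROUS_VERBS = {"TRACE", "PUT", "DELETE", "CONNECT"}

def check_tls(protocols):
    weak = sorted(WEAK_TLS & set(protocols))
    return f"weak TLS enabled: {', '.join(weak)}" if weak else None

def check_cert(subject, issuer, not_after, today):  # issuer == subject marks a self-signed leaf
    if subject == issuer:
        return "self-signed certificate"
    return f"certificate expired on {not_after}" if not_after < today else None

def check_spf(txt_records):
    # The terminating 'all' qualifier decides what happens to senders not listed.
    spf = [r for r in txt_records if r.lower().startswith("v=spf1")]
    if not spf:
        return "no SPF record published"
    tail = spf[0].split()[-1].lower()
    if tail in ("all", "+all", "?all"):
        return f"SPF ends with permissive '{tail}' (use ~all or -all)"
    return None if tail in ("-all", "~all") else "SPF lacks a terminating 'all' mechanism"

def check_dkim(selector_records):  # {selector: TXT record at <selector>._domainkey.<domain>}
    ok = any("v=dkim1" in r.lower() for r in selector_records.values())
    return None if ok else "no DKIM public key found for the checked selectors"

def check_ports(open_ports):
    risky = [f"{p}/{RISKY_PORTS[p]}" for p in sorted(open_ports) if p in RISKY_PORTS]
    return f"risky services exposed: {', '.join(risky)}" if risky else None

def check_verbs(allow_header):
    verbs = {v.strip().upper() for v in allow_header.split(",") if v.strip()}
    bad = sorted(verbs & DANGEROUS_VERBS)
    return f"dangerous HTTP verbs allowed: {', '.join(bad)}" if bad else None

def evaluate(obs, today=date(2024, 6, 1)):
    """Return the findings for one host; each finding maps to one checklist item above."""
    findings = [check_tls(obs["tls_protocols"]),
                check_cert(obs["cert_subject"], obs["cert_issuer"], obs["cert_not_after"], today),
                check_spf(obs["txt_records"]), check_dkim(obs["dkim_selectors"]),
                check_ports(obs["open_ports"]), check_verbs(obs["allow_header"])]
    return [f for f in findings if f]

# Constructed observations for a fictional host (not real data); every check should fire.
SAMPLE = {"tls_protocols": ["TLSv1", "TLSv1.2", "TLSv1.3"], "open_ports": [22, 443, 3389],
          "cert_subject": "CN=www.example.com", "cert_issuer": "CN=www.example.com",
          "cert_not_after": date(2024, 1, 15), "dkim_selectors": {"selector1": ""},
          "txt_records": ["v=spf1 include:_spf.example.net ?all"], "allow_header": "GET, HEAD, POST, OPTIONS, TRACE"}
```

Feeding `evaluate` the output of your own DNS, TLS and port observations for each perimeter host gives a repeatable self-check before a third-party scorer sees the same data.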
Although there are many additional elements to consider, this top 10 covers a large portion of the factors we see contributing to lower security scores from companies that offer scoring as a service. If you have a score that you are looking to improve, or just want to maintain a strong public presence, consider implementing the suggestions above. If you would like additional insight or a more customized set of steps, let us know; we would be happy to help.