Open-source Intelligence (OSINT) is the collection and analysis of data gathered from open sources to produce actionable intelligence. Adversaries can perform OSINT as part of their reconnaissance activities, including searching public websites and databases. Their goal is to find publicly available information that can be used to support an attack. An organization should perform similar activities to identify any publicly available information that could be used to support an attack. In this exercise, you will perform an OSINT analysis on the public website of SNRI and that of its partners.
As part of an audit of SNRI’s public-facing online presence, you are to perform an OSINT analysis of the SNRI website, identifying findings that can be submitted to the SNRI Chief Information Security Officer (CISO) for review. Please use the form below to record your findings, including an assessment of the risk they introduce and a rationale the identified risk level.
The following information should be provided for each finding:
After completing the details for a finding, additional findings can be created using the add row button. When you have completed your analysis, please click on the submit button.