SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep
111Learn more about OSINT: https://www.sans.org/sec487
Ah vacations, walk-abouts, and holidays. Most people love getting away from work and the stresses of daily life. Coworkers look at sitting in the sun on beaches for a little rest and relaxation. Families head off to historical sites, camp grounds, or to amusement parks for entertainment. And OSINTers, we sit back and watch people "check-in", snap photos of their food, rate their wine, and share details inside hotel rooms. What a glorious time of the year!
Join John TerBush and Micah Hoffman, author of the new SEC487, Open-Source Intelligence Gathering and Analysis class, as they show how people collect and use food-ratings, images from reviews, and other information for OSINT and investigations.
Presenters
Micah Hoffman
Micah Hoffman has been working in the information technology field since 1998 supporting federal government, commercial, and internal customers in their searches to discover and quantify information security weaknesses within their organizations. He leverages years of hands-on, real-world penetration testing and incident response experience to provide unique solutions to his customers. Micah holds GIAC's GAWN, GWAPT, and GPEN certifications as well as the CISSP. Micah is an active member in the NoVAHackers group, has written Recon-ng and Nmap testing tool modules and enjoys tackling issues with the Python scripting language. When not working, teaching, or learning, Micah can be found hiking or backpacking on Appalachian Trail or the many park trails in Maryland. Catch him on Twitter @WebBreacher.
John TerBush
John TerBush works as a senior cyber threat intelligence (CTI) analyst serving multi-national enterprises in a variety of industries including finance, manufacturing, retail and energy. In this role he conducts open-source and dark web investigations, malware and traffic analysis, tracking of threat actors and their tactics, techniques and procedures, and many other tasks in order to provide analytical and technical support to clients. Previous to his role as a CTI analyst, he worked as a security operations center (SOC) analyst with a large managed security service organization handling response for numerous Fortune 500 companies. While working through a sea of alerts and research, he developed a focus on creating network detections and tracking attacks.
Prior to entering the information security field, John worked for over two decades in legal research and private investigations, providing open-source research, surveillance, court testimony, undercover operations and other investigatory work of all types. John acted as the director of investigations and lead investigator for two well-known regional investigation companies for over a decade, before starting his own investigations firm.
John assisted with the development of the SEC487: Open-Source Intelligence Gathering and Analysis course. John is a member of both the SANS GIAC Advisory Board and the SANS Open Source Intelligence Summit Advisory Board, and holds the GIAC GCIA and GREM certifications as well as the Certified Information Systems Security Professional (CISSP).