Using DFIR Orchestration and Automation Tools and Playbooks For OSINT and Recon

less than 1 minute read

Abstract

Everyone has probably heard about orchestration and automation tools in DFIR but what if we took the same concepts from DFIR and apply that to OSINT? In this talk we will discuss how to use DFIR tools and concepts for reconnaissance, investigations, and OSINT data gathering. We will work through an automated playbook to gather evidence on things like domains, organizations and people, then discuss using integrations like Intrigue.io, Pipl, DataSploit, and more all in parallel and finally wrapping up by storing the evidence, contacting, liberating and helping others by responding with the evidence, or simply just having some fun.

Speaker Profile

http://www.demisto.com https://www.linkedin.com/in/tyler/

14+ Years or some ** in Cyber (Previously known as Information Security).I have #NoCerts yet but seems like thats whats trendy these days. Been going to DefCon since before the Rio days where I first learned about LockPicking and just wished I could give some #AwkwardHugs”

Updated: