Dont Overlook Twitters Trove of Threat Intel for Enterprise Cybersecurity

  /     /     /  
Publicated : 23/11/2024   Category : security


Dont Overlook Twitters Trove of Threat Intel for Enterprise Cybersecurity


Social media data can provide critical clues to help get ahead of the next cyberattack, experts say.



Tagged, organized, and free for anyone who wants it, social media posts and data are an underused threat intelligence resource for many enterprise cybersecurity teams.
Just as cybercriminals have found social media platforms useful for gathering information on targets and launching attacks, network defenders should likewise be looking at Twitter and other similar public-facing
social media
data sources, so called open source intelligence (OSINT), to help inform cyber defenses, according to experts.
Social media and other digital platforms are invaluable resources for gathering intelligence on external cyber threats, because it is often one of the earliest indicators of trouble brewing, AJ Nash, vice president of Intelligence at ZeroFox, explains to Dark Reading. Waiting until a threat materializes to the point where it sets off an alert in your SOC might mean its too late to stop it — a truly proactive security posture includes leveraging data from digital platforms to stay ahead of these threats.
Igal Iytzki with Perception Point himself uses Twitter and Reddit to
share threat intelligence
and advises cybersecurity teams to utilize social media as part of their overall strategy.
There is a lot of threat intelligence being posted on public platforms every day that businesses can tap into, Iytzki explains to Dark Reading. The infosec community has created an environment where we share our findings openly and freely, understanding the benefits this can have for the community at large, while also taking care to protect valuable data.
Making social media data useable, as well as accessible, posts are tagged and easily searchable, he adds.
If you search for a particular IP, domain, malware, exploit, or CVE in the search bar on a social platform, you can easily find related tags or tweets about a particular attack or trend, Iytzki says. What businesses need to do is make sure their security teams are taking the time to be part of that community and experimenting with which channels, profiles, and tags are yielding the most relevant and actionable data for them.
As with any information collected from
social media
, its imperative to check its veracity to be effective, he adds.
Of course, the sheer amount of information can be overwhelming. For resource-strapped teams, an external threat intelligence provider can help manage the OSINT collection and verification process, according to Brian Wrozek, principal analyst at Forrester.
Leveraging their expertise to gather, correlate, enrich, and analyze the data is
the best way to utilize OSINT
, Wrozek recommends. It can be expensive to internally staff threat analyst resources and then gather, store, and process all that data yourself.
Outsourcing social media threat intelligence gathering can also avoid inundating beleaguered cybersecurity teams with yet another data stream filled with false alerts, Wrozek adds.
OSINT is a valuable source of information but suffers from false positives if the assets being monitored are common words, he says. Be on the lookout for misinformation and stale information. Prioritize providers who not only have advanced algorithms to process all that data but also trained human analysts who can provide that extra level of analysis.
Whether its outsourced or undertaken by internal enterprise cybersecurity teams, some level of social media threat intelligence gathering is a valuable addition to any organizations overall security posture, Perception Points Iytzki says.
It seems to me a no-brainer for security teams to leverage social media to get actionable threat intelligence in a way thats quick, effective, and budget-friendly, he adds.

Last News

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Dont Overlook Twitters Trove of Threat Intel for Enterprise Cybersecurity