From the course: Dynamic Application Security Testing
Join today to access over 22,700 courses taught by industry experts or purchase this course individually.
OSINT gathering - Burp Suite Tutorial
From the course: Dynamic Application Security Testing
OSINT gathering
- [Instructor] If you've already deployed to production, chances are attackers can gather information about your application using open source intelligence or OSINT gathering techniques. But what exactly can they do with that information? In order to answer that question, it helps to understand what OSINT actually is. Open source intelligence, or OSINT gathering, has its roots in the government space, particularly the military. Military organizations look for each and every advantage they can have over their opponents and the advantage of intelligence can help win battles against superior forces. When it comes to protecting your web applications, you should absolutely spend time collecting OSINT on those apps in order to better understand what information is available to a potential attacker. If your non-production systems live inside your network or your cloud environment, then there shouldn't be much OSINT available…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.