Enriched Cyber Threat Intelligence Through OSINT: A Methodology for Strengthening Cybersecurity Resilience
摘要
With the rise of cyber threats, Cyber Threat Intelligence has become crucial for organizations to proactively defend themselves. Open Source Intelligence adds valuable information to Cyber Threat Intelligence, offering additional context and deeper insights. This study proposes a methodology to enrich Cyber Threat Intelligence with Open Source Intelligence. The goal is to address the gap between abundant data and the limited capacity to filter and apply it strategically. The research develops methods to verify, validate, and filter Open Source Intelligence data, enhancing the quality and utility of Cyber Threat Intelligence. A case study was conducted to demonstrate this methodology, focusing on the enrichment of an Indicator of Compromise, specifically an IP address. The results show how Open Source Intelligence can provide vital context to enhance Cyber Threat Intelligence and support better decision-making in cybersecurity.