Coming in at "Number Ten" on our OSINT Top Ten Poll is the Technology Stack!

An organization's technology stack can give away more than you would think. From this alone, anyone (customers, partners, competitors, and adversaries) can gain knowledge and insight into your organization's inner workings.

As an organization evolves and grows, so does its technology requirements and implementations. Given this dynamic, it is essential to track and vigilantly audit your organization's technology continuously. An awareness of your applications is crucial, especially if your organization's technology is being broadcasted to the world. A best practice for any organization would be to perform an inventory and analysis of its technology stack. An organization can achieve this in the following ways:

• Look at the traffic and origin of the URLs that interact with your domain

• Add plugins to your browser that will pull detected technologies

• Use multiple 3rd party sites to aggregate detected technologies over time

The results of this analysis can provide a better idea of what technologies are implemented and associated with your organization. This knowledge can help provide insight to answer all of the following questions:

• Are we up-to-date or using the latest versions?

• Do we have too much or just enough?

• Is the technology being broadcasted about us depicting a rich target for attacks and exploits?
  

Next week we’ll shine a light on “Number Nine” from our OSINT Top Ten Poll, the “Dark Web.”