The firewall was circumvented. IDS sensors never alerted and the IPS prevented nothing. Servers were breached and your company's internal, proprietary data is being shared with everyone on the Internet. Your manager walks into your cubicle and throws a scrap of paper on your cluttered desk. A single word is written on the page: \r0s3buhd". You glance up at your boss, for verification. She nods and you have your first Open Source Intelligence case: find anything you can about the attacker that did this to your organization. An attacker named "r0s3buhd".
Join me in this webex where you'll learn how to start an attribution-focused (looking for the human attacker) Open Source Intelligence (OSINT) assessment and avoid some of the obstacles that could keep your investigation from being successful.