SATAYO: An OSINT tool to gather information like an attacker
Speakers @ Würth Phoenix S.r.l.
- Francesco Pavanello, Technical Consultant - Cyber Security Solutions
- Mirko Ioris, Technical Consultant - Cyber Security Solutions
- Kathrin Garbislander, Head of Human Resources
Abstract
In the last few years, we developed a platform, whose name is SATAYO (Search All Thing About Your Organization), because its purpose is to gather all the information that is publicly available about a company.
SATAYO can scan the entire Internet, from the common websites located in the Surface Web to the hidden forums and data leak sites present in the Deep and Dark Web. All this data comes from the so-called OSINT (Open Source Intelligence) sources. These are sources that everyone, in most cases even without special skills, is able to examine. SATAYO is able to correlate the retrieved data and classify it in different sections that can be easily accessed from the platform by the clients. Thus, after a SATAYO scan, we have evidence of the company’s infrastructure and its exposed services. We have the complete list of IP addresses used by the organization, open ports on their devices, and information about their http methods, mail server, vulnerabilities on their machines, and the list goes on. We may also collect sensitive data about people working in the company, such as their e-mail addresses, phone numbers, and hacked accounts, most of the time with their passwords. Of course we don't use this data for our own benefit, instead we use it to analyze the severity of the situation, suggesting how to enforce the organization’s network perimeter.
During the talk we will explore what SATAYO does and what OSINT is, explaining how malicious actors and criminals can use anything available on the Internet to prepare an attack. Cyber security threats are increasing every day, and we are doing our best to prevent the worst from happening.
Keywords: Cybersecurity, OSINT, Exposure Assessment, Deep&DarkWeb, SATAYO
About the company
The companies of the Würth Group operate in various fields of business. The global trading company has its origins in the sale and distribution of assembly and fastening materials. The Würth Line companies continue to serve this segment in which Würth is the world market leader. In addition, the Würth Group comprises the Allied Companies trading under their own name. Their business activities are either closely related to the core business or diversified and are developed further and expanded successfully.
Würth Phoenix has a consolidated experience in ERP, CRM, IT System & Service Management and recently it started also working with amazing results in the field of Cyber Security and Business Intelligence.
For what concerned Cyber Security, the unit is composed both by a blue and a red team. This made us able to create a SOC solution constantly trained by our ethical hackers. Furthermore, we offers also a wide range of activities, like Exposure Assessment, Vulnerability Assessment and Penetration Test and Mobile or Web Application Penetration Test.
Program
13:30 - Welcome by prof. Bruno Crispo, Department of Information Engineering and Computer Science
13:35 - Company presentation
13:40 - Case study presented by Würth Phoenix S.r.l.
14:10 - Skills for the future
14:15 - Q&A session
DISI Industrial Workshops: A series of Workshops dedicated to technologies, methodologies and case studies by leading companies aimed to bring students closer to today's real business world.