ecfirst   | OSINT Strategy

  • Utilize cybersecurity tools.
  • It is an intelligence domain that includes the search, selection and collection of intelligence information from publicly available sources.
  • Performed through monitoring, analysis and research of information coming from the internet.
  • OSINT is information that has been deliberately discovered, discriminated, distilled and disseminated to a select audience.
  • Materials compiled based on information from open sources support all intelligence methods and activities through accumulation of intelligence knowledge, its analysis and dissemination.
  • OSINT + HI = VA OSINT (OSINT Validated).

ecfirst   | Our Value Proposition

  • Open Source Intelligence Collection - Reported from cybercriminals, social media engagement, marketplaces and chat rooms with a touch of Human Intelligence Collection.
  • Real-time Threat Tracking - Indicators of compromise, threat actors and malware.
  • Vulnerability and Credential Intelligence - Vulnerability scoring, compromised credentials of customers, partners, vendors, VIPs and executives.
  • Reduction of Risk - Security posture of the organization mapped against discovered organization assets across the Surface, Deep and Dark Web.

ecfirst   | Cyber Threat Intelligence (CTI)

  • Focuses on analyzing raw data gathered from recent and past events to monitor, detect and prevent threats to an organization.
  • Details of the motivations, intent, and capabilities of internal and external threat actors (e.g. Government, Organized crime, Activists, State-sponsored criminals).
  • Threat intelligence includes specifics on the tactics, techniques and procedures of these adversaries.
  • Primary purpose is to inform business decisions regarding the risk and implications associated with threats.
  • Shifting the focus from reactive to preventive intelligent security measures.

ecfirst   | CTI Monitoring

  • Network Threats - Ability to monitor the risk exposure of an entire country and/or specific organizations (e.g. infected systems, malware and botnets).
  • Monitoring and takedown of phishing sites.
  • Identification of compromised bank accounts internationally.
  • Reporting leaked credit card transactions to money mules.
  • Monitoring underground cybercrime forums and the Deep/Dark Web to discover compromised bank accounts.
  • Monitoring the internet to discover compromised credentials (emails, usernames and passwords).
  • Rogue Mobile Application - Unauthorized mobile application developed to look like and behave like a legitimate one.
  • Monitoring Threats from Third Parties - Continuous auditing, security controls and monitoring controls.

In the News

Decoding CUI: A Highly Valued Data Type and CMMC, ISACA, Ali Pabrai, April 2022


CMMC and CUI: Rocket Fuel, Pabrai Podcast

Thought Leadership

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), HITRUST Certified CSF Practitioner (CCSFP) is the chief executive of ecfirst, an Inc. 500 business. He is a highly regarded information security and regulatory compliance expert.