icon-carat-right menu search cmu-wordmark

Taranis NG - A New Tool for OSINT Analysis

Presentation
This presentation describes how to process raw OSINT sources into actionable vulnerability advisories, threat intel, and more, using a recently released open-source tool.
Publisher

Software Engineering Institute

Topic or Tag

Abstract

This presentation was given at FloCon 2023, an annual conference that focuses on applying any and all collected data to defend enterprise networks.

Sifting through all the articles, tweets, mailing lists, and other feeds for actionable OSINT is an important, yet exhausting task for every responsible organization or CSIRT team. In this presentation, we will introduce Taranis NG, a new OSINT gathering and analysis tool designed to make this task faster and easier.

The open-source software Taranis NG crawls various data sources such as websites or tweets to gather unstructured news items. These are processed by analysts to create structured report items, which are used to create products such as PDF files, which are finally published.

Taranis allows multiple teams to collaborate on analyses which significantly reduces workload, and includes lightweight self-service asset management for CSIRT's constituency which automatically links to the advisories that mention vulnerabilities in the software.

Taranis NG was developed by SK-CERT with help from the wide CSIRT community, and is released under terms of the European Union Public License. This project has been co-funded by various European funds, and the development is ongoing.

Attendees will learn how to process raw OSINT sources into actionable vulnerability advisories, threat intel, and more, using a recently released open-source tool. The presentation will include a live demonstration of the software.

Part of a Collection

FloCon 2023 Assets

This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.