This is a guest blog from our partner, Authentic8, who we work with to ensure customers can securely deploy online investigations with built-in anonymity and security. Miguel Ramos is Authentic8’s Head of Product. He has extensive experience in cybersecurity, including strategic roles at Forcepoint, Raytheon, Neustar and Network Solutions. He began his career in software engineering.
Global conflicts, information wars and advanced cyberthreats — the need to protect your identity and intent as you investigate has never been more important. That’s why Authentic8 and Fivecast are joining forces to secure OSINT research.
Have you noticed the topic of open-source intelligence (OSINT) creeping into the mainstream? Media outlets like the BBC and New York Times are putting OSINT verification front and center with digital verification teams. The very notion of verifying and corroborating information seen online has been a popular conversation since the rise of ChatGPT, Midjourney and AI tools. And while the debate has raged for years over the role of OSINT alongside other government intelligence practices, the U.S. Army recently labeled OSINT as an “intelligence discipline of first resort.”
The value of OSINT is at an all-time high. But tasking analysts with venturing into all corners of the web can incur great risks for an organization. How do you balance security with accessibility, speed with insight, all while evading the tech built to track you? Fivecast and Authentic8 have teamed up to provide the answer.
Why anonymity and obfuscation are vital in OSINT investigations
You start a digital trail of breadcrumbs whenever you open a browser. Sites you visit (and even ones you don’t) collect a slew of information about your:
- Connection: IP address and provider
- Hardware: device type, OS, video and audio cards
- Configurations: keyboard and language settings, time zones, etc.
- Installed software and plugins
- Other: even seemingly random things like battery status to help track us across sessions
All these details and your online behavior can be used as a unique identifier — which is a big issue for government and commercial analysts conducting highly sensitive investigations behind enemy lines. If the target of your research finds out who you are, they could block your access to the site, alter the information you see, close up shop, target you with malware or otherwise disrupt your investigation.
That’s why it’s critical to have a browsing environment where you can control what websites see in your digital fingerprint — to be able to alter it to access whatever site you need and blend in with average visitors while you’re there.
DIY doesn’t cut it
Many OSINT analysts today recognize the value of anonymity and obfuscation in investigations but have complicated, inadequate or insecure ways to achieve them. But here’s how these DIY approaches can fall apart:
- Too complicated: “Dirty” networks are difficult to maintain and you as the analyst often don’t control them or can’t access them at the ready when you need to complete discovery or gain additional context
- Inadequate: Using piecemeal solutions like VPN and private browsing modes do not control attribution risks. VPNs could leak data to give you away and are often blocked by websites altogether. Private browsing still leaves tons of supercookies active that can be used to identify you.
- Insecure: VPNs and private browsing do nothing to protect against malware risks. And have you ever hopped onto public Wi-Fi to minimize attribution risks, or to get around an IT policy preventing access to your desired site? Many analysts have but there are tons of security concerns that could affect your research.
If OSINT is pivotal to your job, you need the right tools to build this intelligence without putting your organization, your investigation or yourself at risk.
Fivecast-Authentic8 integration: how it works
Silo for Research is Authentic8’s purpose-built platform for digital investigations and intelligence to protect organizations from security and attribution risks. Its core features include;
- Global managed research network: appear as an in-region visitor to websites using one of our dozens of points of presence around the world
- Managed attribution: control your digital fingerprint including language, time zone, keyboard settings, device, OS and more to blend in with normal traffic on sites of interest
- 100% isolated: view and interact with web content via a cloud-based browsing environment, eliminating the risk of malware touching your device or network
Combining Silo for Research with Fivecast ONYX delivers a powerful solution: broad open-source data collection and analytics, with a secure, anonymous browsing environment to dig deeper and explore without worry. Here’s how they work together:
- Use Silo for Research to perform discovery and identify topics or accounts of interest around the surface, deep or dark web.
- Deploy Fivecast ONYX to leverage this information, along with internal intelligence holdings and additional intelligence uncovered via Fivecast ONYX. This info can be used to analyze the broadest data set possible from a wide range of mainstream and niche surface, deep and dark web sites.
- Once content of interest is identified, securely view live content in its native environment with Silo for Research. Choose any link and click the “Open in Silo” button.
Fivecast ONYX can also be run entirely within Silo, eliminating the potential of accidentally opening a link in a non-isolated installed browser or attributing web activity to the organization.
This seamless integration also provides an efficient way to conduct broad and deep investigations without complicated DIY setups. With Fivecast ONYX and Silo for Research, you can conduct even your most sensitive research from your primary laptop on a corporate network without the inherent risks of web-based OSINT investigations.
On a personal note, it’s been a pleasure to work with the Fivecast team on this integration. A great group and a great product! We look forward to enhancing our collaboration in the future.
To learn more about the Fivecast-Authentic8 integration for secure, anonymous digital investigations, request a customized demo here.