Hacker News new | ask | show | jobs
by zara2 730 days ago
Great point! From some of our case studies we see users catch 25% more 3 days earlier than other solutions.

To your point catching every threat or every alert especially on darkweb is always a cat and mouse game. Our idea is a prioritization problem – how do you mitigate the biggest risks quickly.

The existing OSINT tools we used are keyword search based / pretty noisy so we’ve been focusing on the idea that given there’s no way analysts can find or triage every alert, how do you catch the biggest stuff. We do a few things from AI crawlers to continue to expand data collections to AI categorization, clustering, data extraction etc to make it easier to track the cover the most ground.
1 comments
candiddevmike 730 days ago
I find it interesting that you didn't answer my question at all, tbh.
link
sbarre 730 days ago
I doubt they provide any kind of guarantee that they'll catch everything. That's not what a tool like this is used for (i.e. it's not a security tool or a network monitoring service).

OSINT is about gathering data from public or semi-public places.

There are plenty of private dark web forums that these kinds of tools probably don't have visibility into, but the bigger public well-known ones are where you are most likely to see high-profile breaches being sold (since there's a wider audience and actors want to sell data quickly before it devalues), so it's certainly better than nothing...

link
candiddevmike 730 days ago
I never asked for a guarantee, that's not feasible, I was looking to see if in-house analysts or engineers can review the data they're using or lower confidence results as a second set of eyes.
link
Bisen 730 days ago
Thanks for clarifying - honestly, we're a tiny startup so not really here to play PR games, just didn't fully understand the question. Users can 100% review all the results even if they aren't ranked as 'high priority'. You can even free form search our repositories with boolean strings like you would any other OSINT tool, but with the added benefit of an AI agent to help triage, if you so wish.
link
sbarre 730 days ago
Ah well, your question wasn't clear. But your clarification helps!
link
edm0nd 730 days ago
Dodging questions and proving a non-answer answer is always the sales and c-level route when they just dont want to answer you (or know the answer).
link
sam0x17 730 days ago
it probably varies widely by use-case and customer
link