Kuchmin Vladislav Konstantinovich (leading specialist, «RAKO APK» federal state budgetary educational institution of additional professional education,
post-graduate student, Financial University under the Government of the Russian Federation, Moscow
)
Krepak Ivan Pavlovich (head of information security group, «Klinika Bud Zdorov» LLC,
post-graduate student, Financial University under the Government of the Russian Federation, Moscow
)
| |
The article addresses the problem of information security vulnerability auditing in financially critical organizations under conditions of high digital openness and continuous expansion of the external information perimeter. The relevance of using open-source intelligence (OSINT) technology as a tool for preliminary security assessment based on passive analysis of information available from open and legal sources is substantiated. It is shown that the results of OSINT analysis make it possible to identify risk factors formed at the level of the external information environment prior to the implementation of active threats.
The paper proposes a formalized methodology for OSINT-based auditing of the external information perimeter, including a sequence of stages with defined input and output parameters that ensure the reproducibility of analytical results. To demonstrate the practical applicability of the proposed methodology, a conditional example of a financially critical organization is considered, involving qualitative risk factor assessment and interpretation of the obtained data. The limitations and scope of applicability of OSINT auditing within the information security framework are determined. The results obtained can be used in threat modeling, planning information security risk management measures, and improving the maturity of external perimeter protection processes.
Keywords:vulnerability audit, OSINT, financially critical organizations, external information perimeter, risk management, digital footprint, threat model, passive analysis methods, open-source information
|
|
| |
|
Read the full article …
|
Citation link:
Kuchmin V. K., Krepak I. P. FINANCIALLY CRITICAL ORGANIZATIONS’ SECURITY AUDIT BASED ON OSINT-TECHNOLOGY // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. -2026. -№02. -С. 99-106 DOI 10.37882/2223-2966.2026.02.19 |
|
|
LEGAL
INFORMATION:
