Here at ShadowDragon, since 2008 we have been building world class OSINT tools and cyber security products. From SocialNet to OIMonitor to Malnet, we’ve put together solutions for solving problems, speeding up investigations, and opening the mind of an investigator to ask new, more relevant questions. Despite having very robust, powerful tools over the years, we discovered a sort of gap that existed in our unique toolbox.
Let’s take a detour and compare a couple of world class products we can consider for a solid race around the track: the Porsche 911 GT2 RS vs. the Honda Accord LX.
0-60 MPH: 7.6 Seconds
60-0 Braking: 135 Feet
0-60 MPH: 2.7 Seconds
60-0 Braking: 100 Feet
On paper, we have a very obvious winner here. Both of these machines have had 1000s of hours of engineering put into them, but for racing around a track, the Porsche is pretty clearly at a huge advantage. What gives it that advantage is all based on the guts of the machine. What about the driver?
Let’s picture a scenario: We are going to pit these two cars against each other in a race on a racetrack. We have 2 drivers, a typical 17-year-old driver and a 20-year veteran of professional racing. Let’s put the younger driver in the 911 and the race car driver in the Accord. Who do you think will win? Why?
It’s probably a good bet that the Honda will cross the finish line first and hopefully that beautiful Porsche and its youthful driver makes it there in one piece. The big difference between these two drivers is all about training and experience. It has very little to do with these two impressive pieces of technology.
How does this apply to our ShadowDragon toolset and the “gap” I spoke of earlier? We identified a clear issue: our drivers need world class training to use world class products. You might sit there and say, “But that means the product isn’t intuitive.” While all products can get more intuitive and improve basically endlessly, the issue we are talking about in training is methodology vs. buttonology. As an investigator, the buttons to go fast are right there in front of you; you just need to identify what to do with them on the track.
At ShadowDragon, we offer a variety of training programs and all of them stem from this ideology. The products aren’t very hard to use, it’s the process and discipline involved that are the most challenging. We start all training with the very basics of what make an investigation great: the fundamentals of collection, how to organize those entities into a useful map, how to “eat an elephant,” how to create clear mental maps, what questions to ask when things get tough, and most importantly of all, a repeatable robust process to get you winning all the time.
We know the tools are great. We also are humbled and know how amazing the teams that utilize our products to crush evil, stop fraud, or nab a human trafficker can be. However, we can clearly see what makes a great investigator even greater is this discipline in training.
Our OSINT training starts with mapping. We go over the intricacies of identifying what should be mapped, why it should be mapped, and the ideas behind documenting this large glut of information. Next, we focus on adaptation to these maps we have built. What more can we get to build out a better map? How can we do that? Where should we go with each new set of data? Then comes my favorite part: Attacking. What vectors can we use? What vectors are we overlooking? What are the target’s weaknesses?
All the while, we are challenging our classes with assignments specifically meant to create those crashing the Porsche off the road moments. By the time we are done with our classes, we don’t have a team of investigators knowing which buttons are best to click, but instead a group of trained investigators that can identify what that OSINT track looks like and how to get around the thing super fast and consistently.