INTELLIGENCE
METHODOLOGY
We translate raw OSINT signals into strategic risk intelligence using internationally recognized cybersecurity standards. Our scoring is objective, transparent, and verifiable.
Software Vulnerabilities (CVSS)
For technical flaws in WordPress plugins, PHP versions, or network services, we utilize the Common Vulnerability Scoring System (CVSS v3.1). This provides a numerical score reflecting the severity of a vulnerability.
Base Score Metrics
- • Attack Vector (Network/Physical)
- • Complexity (Low/High)
- • Privileges Required
- • User Interaction
Impact Metrics
- • Confidentiality Impact
- • Integrity Impact
- • Availability Impact
Configuration Risk (OWASP)
Network exposures like open databases or improperly secured ports are mapped to the OWASP Top 10. Specifically, we focus on A05:2021 – Security Misconfiguration, highlighting how these exposures enable lateral movement or data exfiltration.
Exposure Impact
How easily can an adversary leverage this open service to gain a foothold?
Exploitability
Are there public exploits or automated tools available for this specific exposure?
Identity Exposure
Our Data Breach Explorer correlates corporate identities against billions of leaked records. We prioritize "Identity Risk" based on the age of the breach and the sensitivity of the exposed data (e.g., plaintext passwords vs. encrypted hashes).
Global References
- NIST National Vulnerability Database
- OWASP Top 10 Project
- CISA KEV Catalog
- SANS CWE Top 25
- HaveIBeenPwned API
Want deeper analysis?
Upgrade to OSINT Premium for automated daily drift alerts and remediation roadmaps.
View Plans