Course Outline
As attack surfaces expand across cloud ecosystems, collaborative code repositories, and social engineering enhanced by the use of AI, defenders must proactively identify how their exposed assets and digital footprints appear to their adversaries. This comprehensive, one-day training equips participants with practical, effective OSINT (Open-Source Intelligence) skills to detect unintended exposure, reduce risk, and enhance investigations.
Through hands-on exercises with browser-based reconnaissance tools, public intelligence sources, and search techniques, attendees will learn how attackers profile targets and how defenders can use the same visibility to secure assets, detect data leaks, and strengthen threat modeling.
What You'll Learn
By the end of the day, participants will be able to:
Map an organization's public assets and services by identifying Internet-facing infrastructure and metadata exposed by cloud and other third-party providers with legal, safe OSINT tradecraft.
Understand common exposure vectors such as misconfigured DNS records, forgotten cloud services, and exposed secrets in public git repositories.
Utilize sophisticated search engine indexing techniques across websites like LinkedIn, X, and Instagram to understand how attackers might build phishing campaigns.
Recognize indicators of data breaches and credential leaks and understand how threat actors weaponize them.
Enrich alerts and investigations with external intelligence by tracing threat infrastructure, campaign patterns, and attacker attribution hints.
Realize the risk of poor operational security across the enterprise and offer suggestions to improve or remediate it.
Hands-On Experience
Participants will get hands-on with tradecraft such as Shodan, Google-dorking, DNSDumpster, Burp Suite Community, and more as they utilize OSINT to analyze our fictional organization. Participants will develop strategies to gain unintended access to corporate resources through their findings. These labs come with an electronic workbook that students will continue to have access to after the training.
Target Audience
Security analysts, penetration testers, threat hunters, incident responders, and really any employee who wishes to be security conscious. The course will have something for both beginner and intermediate levels alike
Trainer Bios
Katelin Grogan is a cybersecurity analyst and GIAC certification-holder with 4 years of professional experience identifying vulnerabilities across customer system and network configurations in the DC/Virginia area. She was a recipient of the CyberCorps Scholarship for Service at Auburn University where she graduated in 2021. Outside of work, she enjoys thrifting and repurposing cheap tech, home-labbing, and reverse-engineering malware, having presented her her first conference talk JMP Into Malware Analysis at BSidesCharm 2025 and workshop From Detection to Eradication: Live Ransomware Incident Response in an Enterprise Lab at National Cyber Summit 2025. She is a CompTIA Security+ and CySA+ SME as well as a member of the NoVA Hackers Club
Rich Dunham is a cybersecurity professional with over 15 years of experience in offensive and defensive cyber operations as well as experience in tactical and strategic ground communications with the US Army. Rich has held positions within the Department of Defense, where he led national-level cyber missions. In addition to his work in defense and critical infrastructure, Rich has contributed to cybersecurity initiatives for humanitarian organizations around the world, helping them improve digital resilience in high-risk regions. He holds many certifications including CISSP, GSE, GPEN, GCFA, GCIH, and PMP, and is a CompTIA SME and part of the CompTIA SME Technical Advisory Committee (CSTAC).
Hector Gomez is a penetration tester and CISSP-certified cybersecurity practitioner with four years of experience uncovering vulnerabilities across enterprise networks throughout the DMV. Before transitioning to industry, Hector spent five years in the U.S. Army executing cybersecurity missions with direct implications for national security. He brings a mission-focused approach to offensive security, specializing in adversary emulation, attack surface analysis, and delivering actionable insights that help organizations strengthen their defensive strategy.