Social engineers collect intelligence on human targets to develop identity paths for attack and compromise. Picnic emulates this external, human attack surface reconnaissance to provide customers with Target Intelligence about their organization seen from the perspective of threat actors.
Picnic’s Target Intelligence Reports leverage Picnic’s platform to analyze and share intelligence on recent attacks to help organizations take proactive measures to reduce their human attack surface and disrupt attacker reconnaissance and resource development. Our reports help security teams understand how attackers exploited OSINT exposure and established infrastructure in an attack so they can preemptively remediate risk to their organization.
Twilio: Lessons Learned
In this report (Issue #1), we analyze the September 2022 Twilio data breach to understand how the attacker leveraged open-source information and used social engineering to target Twilio employees. The report includes proactive remediation steps for organizations to take to help lower the risk of attackers being successful in the future.