- Home
- Techniques
- PRE-ATT&CK
- Identify job postings and needs/gaps
Identify job postings and needs/gaps
Job postings, on either company sites, or in other forums, provide information on organizational structure and often provide contact information for someone within the organization. This may give an adversary information on technologies within the organization which could be valuable in attack or provide insight in to possible security weaknesses or limitations in detection or protection mechanisms. [1]
Similar Techniques by Tactic
Tactic | Technique |
---|---|
Organizational Information Gathering | Identify job postings and needs/gaps |
People Information Gathering | Identify job postings and needs/gaps |
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Impossible to differentiate between an adversary and a normal user when accessing open/public information.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Publicly posted information by design. Providing too much detail in the job posting could aid the adversary in learning more about the target's environment and possible technical weaknesses/deficiencies.
References
- Jay D. Krasnow. (2000, October). The Competitive Intelligence and National Security Threat from Website Job Listings. Retrieved March 16, 2017.