Maltego

Maltego Platform
Developer(s) Maltego Technologies GmbH
Initial release October 23, 2007; 16 years ago (2007-10-23)
Stable release
4.8.0 / August 30, 2024; 25 days ago (2024-08-30)
Website maltego.com

Maltego is an all-in-one platform for open-source intelligence (OSINT) and cyber investigations, developed by Maltego Technologies GmbH, a company headquartered in Munich, Germany.

Maltego is used by organizations across both the private and public sectors to support OSINT investigations, especially by cyber threat intelligence teams and law enforcement. It is employed by organizations such as the FBI, INTERPOL, financial institutions, and several Dow 30 companies.

The platform supports both basic OSINT investigations for novice users and advanced analysis of large datasets for experienced analysts. It offers the ability to integrate internal data with a broad array of external data sources provided by Maltego. It also features tools for real-time collection, monitoring, and preservation of social media intelligence for public safety efforts, risk management, and legal prosecutions.

History

Maltego was originally developed by Paterva,[1] a company based in Pretoria, South Africa. In 2019, Maltego Technologies, headquartered in Munich, Germany, assumed responsibility for all global customer-facing operations and later technology development and management.

Certification and Compliance

In 2023, Maltego Technologies received ISO 27001:2022 certification,[2] an international standard for managing information security. The certification was renewed in 2024, to reflect the company’s ongoing commitment to maintaining internationally recognized standards of information security. Prior to obtaining ISO 27001:2022 certification, Maltego had already been compliant with the General Data Protection Regulation (GDPR).

Charlesbank Acquisition

On April 18, 2023, Maltego Technologies was acquired by Charlesbank Technology Opportunities Funds, managed by Charlesbank Capital Partners, for an undisclosed amount.[3] As part of this acquisition, Charlesbank committed to investing over $100 million USD into the company to support its growth and development.

Philip Mayrhofer, Managing Director of Maltego, commented on the acquisition, stating, "The Maltego platform is all about empowering investigators. Charlesbank shares our vision. They have made a significant investment in the company to accelerate product development and sales internationalization. This enables us to add more features and data sources and to improve usability for even more investigators." [4]

Following the acquisition, Maltego introduced new browser-based investigation capabilities and simplified data access, aimed at serving both novice and advanced investigators. The platform's expanded features were designed to facilitate collaboration in various settings, enhancing its utility for a broader range of users.

Caleb Barlow, an industry expert who advised Charlesbank on the acquisition and joined Maltego's board, highlighted the platform's importance, stating, "I have known Maltego for over a decade, and it has been a staple in every cyber operator's toolbox." [5] The investment was facilitated by Robert W. Baird, who served as the exclusive M&A adviser to Maltego and its selling shareholders.

Acquisition of PublicSonar and Social Network Harvester

In March 2024, Maltego Technologies acquired PublicSonar and Social Network Harvester to provide more capabilities to its all-in-one investigation platform. [6]

PublicSonar, developed in the Netherlands, offered a tool that leverages OSINT for large-scale, real-time monitoring, particularly in the context of physical security and public safety. It was widely used by organizations to manage public safety operations by analyzing and acting upon data from various open sources. By integrating PublicSonar into its platform, Maltego expanded its capabilities beyond cyber intelligence to include real-time public safety management. After the acquisition, PublicSonar was rebranded as Maltego Monitor, reflecting its new role within the suite of tools of the German company.

Social Network Harvester was designed for social network analysis, enabling investigative teams to collect, analyze, and preserve social media data that can be used as court-admissible evidence. It was particularly used by law enforcement and intelligence agencies that require robust tools for tracking and analyzing social media activities. After the acquisition, the German-developed Social Network Harvester was rebranded as Maltego Evidence and integrated into the platform offering.

These acquisitions were motivated by Maltego’s vision of creating a comprehensive platform that supports a wide range of investigative needs, from cyber threat intelligence to public safety and legal investigations.

By integrating these tools, Maltego strengthens its position as a platform for organizations involved in complex investigations with the ability to manage and interpret vast datasets.

Product

In 2023, Maltego began its transition from a single link analysis tool to an all-in-one platform that supports a wide range of users, including novice investigators, trained OSINT analysts, and technical investigators at law enforcement agencies, government institutions, large cyber threat intelligence teams, and enterprises worldwide.

Tools in the All-in-One Platform

The Maltego Graph, previously known as the Maltego Desktop Client, has been widely used for conducting complex and large-scale OSINT investigations, with the flexibility to integrate with other tools via API.

In late 2023, Maltego introduced Maltego Search (originally released as OSINT Profiler), a browser-based tool designed to facilitate quick and automated preliminary OSINT searches, making it accessible to non-technical users.

Following the acquisition of additional capabilities in April 2024, the platform expanded to include Maltego Monitor (formerly PublicSonar) and Maltego Evidence (formerly Social Network Harvester). These tools enhance the platform by providing monitoring and social network analysis functionalities, thereby broadening the scope of investigative support offered by Maltego.

Data in the All-in-One Platform

Maltego Data is a component of the Maltego platform that provides access to both internal and external data sources. This offering includes the Maltego Data Pass, Connectors, and Connector Builders.

Maltego Data Pass offers users access to a curated and expanding collection of data sources relevant to a wide range of investigations, including those focused on persons of interest, threat intelligence, cryptocurrency, the dark web, and corporate intelligence. The Data Pass operates on a credit-based system, with allowances included in the user’s plan. Maltego serves as an intermediary, ensuring that data providers do not have visibility into the investigative activities of users.

Maltego Connectors are integrations that enhance the platform's capabilities. Over 100 pre-built Connectors are available, allowing users to integrate additional data sources into their investigations with a single click.

Connector Builders allow users to create custom Connectors to access internal data sources or external APIs for which they have API keys. This feature enables organizations to customize their data integration, utilizing Maltego's SDKs and Transform libraries. Users can also deploy Connectors developed and shared by the broader community, such as those available on GitHub.

Services in the All-in-One Platform

Maltego offers a range of services as part of its platform for customers on Professional and Organization plans. These services include:

References

  1. "Welcome to Maltego". www.maltego.com. Retrieved 2024-09-04.
  2. "Maltego is Now ISO 27001:2022 Certified!". www.maltego.com. Retrieved 2024-09-04.
  3. "Maltego Secures $100M to Accelerate Growth of its Intelligence Platform to Combat Cybercrime and Misinformation". www.maltego.com. Retrieved 2024-09-04.
  4. "Maltego Secures $100M to Accelerate Growth of its Intelligence Platform to Combat Cybercrime and Misinformation". www.maltego.com. Retrieved 2024-09-04.
  5. "Maltego Secures $100M to Accelerate Growth of its Intelligence Platform to Combat Cybercrime and Misinformation". www.maltego.com. Retrieved 2024-09-04.
  6. "Maltego Acquires PublicSonar and Social Network Harvester to Propel Vision of An All-in-One Investigation Platform". www.maltego.com. Retrieved 2024-09-04.