Mapping An Adversary's Digital Footprint

In the early 20th Century Dr. Edmond Locard famously observed "every contact leaves a trace," and that principle in forensics is no less true today in computer forensics. Everything we do online leaves a trail of IP addresses, of services used, of log files created. And whenever there is an online attack, either consciously or unconsciously the adversary leaves a digital footprint. So it stands to reason that if one could map out these footprints, scope out the infrastructure being used, one might prevent future attacks. That's exactly the type of thinking at RiskIQ and it starts to explain the company's acquisition of PassiveTotal last week.