Think you can hide on the Internet? If you leave even a few digital breadcrumbs behind, someone can follow your trail and find you hiding in that cave a hundred miles below the Earth's surface.
At Black Hat 2013 some weeks back, I took a two-day class on using Maltego to do just that.
http://www.blackhat.com/us-13/training/digital-intelligence-gathering-using-maltego.html
Other security training classes that I've previously taken have mentioned Maltego in passing, but never dove into it. This is probably because 1) the older community versions of the tool in the past had some painful crippled limitations, 2) those vendor-neutral courses didn't want to unnecessarily praise a commercial product, and 3) most importantly, you can essentially do what the tool does using manual methods with other native tools on an operating system or using online resources.
But that said, using Maltego as part of an investigation provides some nice visual tracks to follow, assuming you carefully proceed along logical lines of thought. It's very easy (and misleading) to simply extract all the information possible at once and end up with a nice collection of gibberish data with too many false inferences.
Digital Intelligence Gathering Using Maltego was taught by two people - Chris Bohme and Andrew Macpherson, both employees of Paterva (the organization which produces Maltego). As a matter of fact, they're the only employees of Maltego. I never realized how small Paterva is.
Here's their YouTube channel:
http://www.youtube.com/user/PatervaMaltego
The class was structured around the newest release version known as Tungsten. More than just "these are the buttons Maltego has and how to use them," the class is focused on leveraging open source intelligence (freely-available data which can be extracted from public sources) and finding your target. From what I've heard, if there's one step that many pentesters tend to skip, it's reconnaissance, a critical part of the overall process of determining the attributes of a person or organization for much more efficient intrusion and exfiltration later on.
I've made very little use of Maltego in the past, although I have a licensed copy at work. This is partly due to getting other priorities done, but also because I've never understood how to use the tool properly. Going through the course was very helpful in realizing what I've been doing wrong and seeing other tricks in gathering more information.
The course is a bit of lecture, some review of the architecture of online information resources (in case some students are completely oblivious to certain fundamentals like how DNS works), and lots of hands-on time digging for clues and unearthing the target hidden in the vast online metropolis of the Internet, pivoting from one information type to the next and connecting the dots. All this is complemented by real-world use-cases. The last part of the second day involves a capture-the-flag challenge. By this point, one student was exhausted and was about to leave, although the instructors provided the additional inspiration to keep her going.
I've only seen this class available at Black Hat conferences, although I'm assuming it's probably available elsewhere or through direct in-person training for your company. Overall this was a fun class, but most people can probably make do with other tools to perform recon. Maltego's licensing is relatively cheap though and it's pretty slick to look at when demonstrating recon visually to folks who don't understand how this sort of thing works. It also has that cool factor if you want the typically-unrealistic Hollywood operating system representation of information security.
If anything, Maltego can visually provide good justification on why certain areas of security need to be improved to reduce leaks from metadata, public information postings, liability from working with third parties who may disclose information unintentionally, etc., all the while being a powerful tool (in the right hands) to spot your own weaknesses from the perspective of the outside world. You may be tempted to lock your windows a bit more tightly after you evaluate your own exposure.
