OSINT is intelligence produced by collecting and analyzing public information with the purpose of answering a specific intelligence question.
February 23, 2023
Open-Source Intelligence (OSINT) is defined as intelligence produced by collecting, evaluating and analyzing publicly available information with the purpose of answering a specific intelligence question.
It’s important to note that information does not equal intelligence. Without giving meaning to the data we collect, open-source findings are considered raw data. It is only once this information is looked at from a critical thinking mindset and analyzed that it becomes intelligence.
For instance, conducting OSINT is not simply saving someone’s Facebook friends list. It’s about finding meaningful information that is applicable to the intelligence question and being able to provide actionable intelligence in support of an investigation. Another way to look at it is to answer, “why does this data matter” and provide meaningful intelligence about the data collected.
• Public Records
• News media
• Libraries
• Social media platforms
• Images, Videos
• Websites
• The Dark web
• Government
• Law Enforcement
• Military
• Investigative journalists
• Human rights investigators
• Private Investigators
• Law firms
• Information Security
• Cyber Threat Intelligence
• Pen Testers
• Social Engineers
We all use open-source and probably don’t even realize it, but we also use it for different reasons. You might use open-source information to do a credibility check and to find out more about the person selling you something on Facebook marketplace. You may research someone you met on a dating app or before hiring someone for a job.
A few years ago I found someone’s driver’s license on the street when I was on a lunch break. I picked it up, thinking I should drop it off at the local driver’s license branch. Then I thought to myself, I wonder what I will find if I just Google the person’s name (which I did). Turns out the second Google result was a LinkedIn page with the person’s name, photo, and workplace which was in the area. I decided to call the company and ask to speak with this person and let them know I had found their license on the street.
It seems like it was too easy to Google and find the result quickly but this is not uncommon nowadays. Most people, if not everyone, have some sort of digital footprint. This is a simple example to show you how quickly you can find information on a person by simply Googling their name.
Let’s talk about the Intelligence Cycle and what it means for those working in OSINT. There are some variations of the intelligence cycle but generally, it includes similar steps. Using the Intelligence Cycle can assist with understanding what each stage of the cycle means to the OSINT research that will follow.
Preparation is when the needs and requirements of the request are assessed, such as determining the objectives of the tasking and identifying the best sources to use to find the information for which you are looking.
Collection is the primary and most important step in collecting data and information from as many relevant sources as possible.
Processing is when the collected data and information are organized or collated.
Analysis and Production is the interpretation of the collected information to make sense of what was collected, i.e. identifying patterns or a timeline of travel history. Produce a report to answer the intelligence question, draw conclusions, and recommend next steps.
Dissemination is the presentation and delivery of open-source findings, i.e. written reports, timelines, recommendations, etc. Answer the intel question for stakeholders.
Understand the difference between passive and active research, as each type of research can have different implications for your organization.
Passive means you do not engage with a target. Passive open-source collection is defined as gathering information about a target using publicly available information. Passive means there will be no communicating or engaging with individuals online, which includes commenting, messaging, friending, and/or following.
Active means you are engaging with a target in some fashion, i.e. adding the target as a friend on social profiles, liking, commenting on the target’s social media posts, messaging the target, etc. Active open-source research is considered engagement and can be looked upon as an undercover operation for some organizations. Please be aware of the differences and request clarification from your agency prior to engaging.
For active research, it’s a must to blend in with the group. If you are engaging with a target you may want to create a couple of accounts on different platforms to make it look like you are a real person.
Each organization may have different interpretations of what is considered passive versus active engagement. For example, joining private Facebook Groups may appear passive to some organizations, whereas others may consider this as engaging. Sometimes this difference can imply some sort of undercover operation capacity, therefore it’s extremely important to have SOPs that outline where the organization stands with this type of engagement.
Some researchers justify joining groups as passive, as they are only “passively” looking and not actually communicating with targets.
A good example to consider is where a Facebook Group consists of 500 members or more, where blending in may be easy, whereas a smaller group of 20 people may be riskier. Talk to your managers before proceeding one way or the other.
Open Source Intelligence (OSINT) is the collection, analysis, and dissemination of information that is publicly available and legally accessible. Right now, OSINT is used by a organizations, including governments, businesses, and non-governmental organizations. It is useful in information gathering for a wide range of topics such as security threats, market research, and competitive intelligence.
Here are some common ways in which OSINT is used:
Security and Intelligence: OSINT can be used to gather information on potential security threats, such as terrorist activity or cyberattacks. It can also be used for intelligence gathering on foreign governments, organizations, or individuals.
Business and Market Research: OSINT can be used to gather information on competitors, industry trends, and consumer behavior. This information can be used to inform business strategy and decision-making.
Investigative Journalism: OSINT can be used by journalists to gather information on a range of topics, including politics, business, and crime. This can help to uncover stories and provide evidence for reporting.
Academic Research: OSINT can be used by researchers to gather data on a range of topics, including social trends, public opinion, and economic indicators.
Legal Proceedings: OSINT can be used in legal proceedings to gather evidence or to conduct due diligence on potential witnesses or defendants.
OSINT is an exceptional tool for gathering information on a wide range of topics and can be used by a variety of organizations and individuals to inform decision-making and strategy.
Open-source intelligence (OSINT) is beneficial because it offers several advantages over other forms of intelligence collection.
Here are some reasons why OSINT is valuable:
Access to publicly available information: OSINT collects publicly available and legally accessible information. This means that organizations do not have to rely on classified or restricted sources of information, which can be costly and time-consuming to get.
Wide range of sources: OSINT can be gathered from a wide range of sources, including social media, news articles, government reports, and academic papers. Organizations can gather information on a wide range of topics from many different perspectives.
Timeliness: Because OSINT relies on publicly available information, it can be gathered quickly and in real time. Organizations or businesses can stay up-to-date on current events and emerging trends.
Cost-effective: OSINT is more cost-effective than other forms of intelligence collection, such as human intelligence or signal intelligence. This is because OSINT relies on publicly available information and does not require specialized equipment or personnel.
Transparency: OSINT is transparent and can be easily verified. This means that organizations can be confident in the accuracy and reliability of the information they gather.
OSINT offers many advantages over other forms of intelligence collection, making it a valuable tool for a wide range of organizations and individuals.
Open-source intelligence (OSINT) is the practice of collecting and analyzing publicly available information to generate actionable intelligence. Here’s a general overview of how OSINT works:
Collection: OSINT collection involves gathering publicly available information from a variety of sources such as social media, news articles, government reports, academic papers, and commercial databases. This process can be done manually by searching for and reviewing sources, or through automated tools that can search and aggregate information.
Processing: Once the information is collected, it is processed to remove duplicate, irrelevant or inaccurate data. This step involves filtering and categorizing the information based on relevance and importance.
Analysis: The processed information is then analyzed to identify trends, patterns, and relationships. This can involve using data visualization tools, data mining, and natural language processing to extract meaningful insights from the data.
Dissemination: The final step in the OSINT process is disseminating the intelligence to decision-makers. This can be done in the form of reports, briefings, or alerts, depending on the needs of the organization.
OSINT is an iterative process that involves constantly refining the collection, processing, and analysis of information based on new data and feedback. Additionally, OSINT is subject to the same biases and limitations as other forms of intelligence collection, and therefore requires careful evaluation and interpretation by trained analysts.
Open-source intelligence (OSINT) encompasses a wide range of techniques for collecting and analyzing publicly available information. Here are some common OSINT techniques:
Search Engines: Search engines such as Google, Bing, and Yahoo are valuable tools for gathering OSINT. By using advanced search operators, analysts can quickly filter and refine search results to find relevant information.
Social Media: Social media platforms such as Twitter, Facebook, and LinkedIn are valuable sources of OSINT. By monitoring and analyzing social media activity, analysts can gain insight into trends, sentiment, and potential threats.
Public Records: Public records such as court documents, property records, and business filings are valuable sources of OSINT. By accessing these records, analysts can gather information on individuals, organizations, and other entities.
News Sources: News sources such as newspapers, magazines, and online news outlets are valuable sources of OSINT. By monitoring and analyzing news articles, analysts can gain insight into current events, trends, and potential threats.
Web Scraping: Web scraping involves using software tools to extract data from websites. By scraping data from multiple websites, analysts can gather large amounts of data quickly and efficiently.
Data Analysis Tools: Data analysis tools such as Excel, Tableau, and R are valuable for analyzing large datasets. By using these tools, analysts can identify patterns, trends, and relationships in the data.
OSINT techniques are constantly evolving as new technologies and sources of information become available. It’s important for analysts to stay up-to-date on new techniques and tools in order to effectively gather and analyze OSINT.
Learn more about OSINT by taking SEC497 Practical Open Source Intelligence (OSINT)
Learn more about OSINT Training
View more about OSINT Certification
Check out our SANS OSINT Resources
Check out our SANS OSINT Tools