OSINT — Open Source Intelligence
What OSINT is, how it is used by both security professionals and adversaries, and what OSINT discipline means for organisations.
OSINT — Open Source Intelligence — is the collection, analysis, and use of information from publicly available sources. Used by security professionals to assess threats, map adversaries, and conduct due diligence; and by adversaries to identify targets, map vulnerabilities, and build targeting packages. Understanding OSINT is essential for any organisation managing an information security posture.
Definition
OSINT encompasses all intelligence derived from publicly available information — information that is legally accessible to anyone without special access, authorisation, or technical exploitation. Sources include the open web, social media, news media, public records (company registries, court filings, land registries), academic publications, conference presentations, and commercial databases. OSINT is distinct from signals intelligence (SIGINT), human intelligence (HUMINT), and other classified collection methods.
How OSINT is used by security professionals
- Threat assessment — mapping the threat landscape facing an organisation or individual: who are the likely adversaries, what is their capability, what are they interested in?
- Penetration testing — reconnaissance phase: identifying exposed systems, personnel, and information before an engagement
- Due diligence — background research on individuals, organisations, and third-party vendors
- Protective intelligence — monitoring for indicators of threat against a protected principal: threatening social media, surveillance activity, aggregated personal information
- Incident investigation — post-incident research to identify perpetrators or understand the attack chain
How adversaries use OSINT against organisations
- Personnel mapping — identifying employees, their roles, contact information, and relationship networks from LinkedIn, company websites, and social media
- Technical reconnaissance — identifying exposed systems, software versions, and infrastructure from job postings, GitHub repositories, and scan data
- Physical intelligence — mapping facility locations, vehicle fleets, executive residences, and routine movement patterns
- Social engineering targeting — building detailed profiles of specific individuals to enable convincing impersonation or manipulation
OSINT discipline
OSINT discipline means controlling what your organisation exposes in public communications — reviewing job postings for technology disclosures, managing social media policies, restricting the publication of personnel rosters and facility details, and conducting periodic OSINT assessments of your own organisation to identify what adversaries can collect without any technical access.
Frequently Asked
Request a Cyber Security Assessment
Operational engagements start with a vetted conversation. Mission Support responds inside one working day for governmental and Tier-1 enquiries.
Continue to service brief