Broker Check

OSINT Explained

May 26, 2022

You may have seen the acronym OSINT used in connection with cyber risk. Full disclosure: I don't like acronyms when they're used without explanation. Fortunately, a post by "Sarah" at usersearch.org explains what you need to know. The full post is at usersearch.org/updates/2022/05/23/are-you-curious-about-osint/. 

OSINT stands for "open source intelligence" and was originated by the United States military. It's a method of collecting data from publically accessible databases. It goes beyond searching search engines. It's used by sales, marketing and cybersecurity groups.

OSINT is a system of techniques, technologies and approaches for data gathering from multiple sources in traditional media and Internet forums, chat rooms, social media and the dark web.

Advantages of OSINT:

  • Minimal financial commitment.
  • No need to obtain permission to use.
  • Routinely exchanged and upgraded.
  • Aids businessowners and policy makers in developing objectives.
  • Used in national welfare and security.     

OSNIT analysis requires using and handling databases to locate, modify or change information. It includes threat assessment and analysis. Bilingualism or multilingualism is an asset. (For government workers, Russian, Chinese and Arabic are most useful languages. Business needs will vary.) 

OSINT analysts use in-depth understanding of cybersecurity to conduct research, distribute data and spot concerns.

There is a board Certified  in Open Source Intelligence course.

In addition to UserSearch, OSINT blogs include BellingCat, Bushido Token, Cyber Shafarat (Middle East and Asia), Daniel Miessler and Bleeping Computer. Tools and databases include Pastebin, DuckDuckGo, ScamSearch, Google Hacking Database, Shodan, Maltego, SpiderFoot, Metagoofil, NextVision and Tineye.