What was once the domain of highly specialized teams even half a decade ago, the collection and utilization of OSINT data as a function of security is now becoming a critical component of overall threat intelligence for both corporate and information security teams. With this rise in priority has come the expansion of teams and an influx of new OSINT practitioners.
“[OSINT is intelligence] produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.” – U.S. Director of National Intelligence
OSINT IS NOT A BUBBLE
To meet the demands of the security landscape – whether that be corporate, law enforcement, government, intelligence, or military – a comprehensive set of tactics, techniques, and procedures (TTP) must be employed. To that point – OSINT is no magic bullet. It is but one facet of intelligence one could gather to be added to a bigger pool of investigative data from other sources in order to best complete the mission at hand.
AN OSINT INVESTIGATION IS JUST AN OSINT INVESTIGATION
OSINT investigations are just that – an investigation that collects OSINT data and that alone. It generally shouldn’t be associated with hacking, intrusion testing, physical security testing, undercover operations or any other security-related offerings. If your OSINT investigation starts to require the above, it might be time to get a warrant.
“The main qualifiers to open-source information are that it does not require any type of clandestine collection techniques to obtain it and that it must be obtained through means that entirely meet the copyright and commercial requirements of the vendors where applicable.” – Mark M. Lowenthal
WHAT YOU’LL LEARN
- Understand the legal and ethical best practices for gathering open source intelligence (OSINT).
- Distinguish between the laws and warrants that apply to Law Enforcement and Corporate Security teams gathering OSINT.
- Learn how to eliminate personal bias and keep ethics and civil liberties at the top of mind to maximize the effectiveness of your investigations.