Cyber Security Terms
Open Source Intelligence

What is Open Source Intelligence?

Open source intelligence (OSINT) is data obtained from publicly available sources which is analyzed and processed for intelligence purposes.

OSINT analysts are specialized in using sophisticated methods and tools to explore and pinpoint data to meet their objectives.

While OSINT sources are available to anyone, many times they are not broadly known to be publicly available. OSINT can be found both offline and online.

Common examples of information used for OSINT include:

Offline

  • Diplomatic Documentation
  • Academic Documentation
  • Corporate Documentation
  • Mass Media

Online

  • Internet Search/Database
  • Social Media Platforms
  • Sharing & Publishing
  • Blogging, Forums, and Online Communities
  • Deep web
  • Dark web

Open Source Intelligence Uses

Information security teams leverage OSINT for two reasons:

Discovering an Organization's Public-Facing Internal Assets

Using penetration testing (or ethical hacking), OSINT analysts test an organization's cybersecurity. Intelligence accessible through penetration includes:

  • Data leaks
  • Unpatched software
  • Open ports and unsecured devices
  • Exposed assets, such as IP addresses, networks, device names, and software versions.

Identifying External Information About An Organization

External information, like social media posts and content the dark and deep web can also create many cyber threats.

The Dangers of OSINT

Threat actors can use the same specialized methods that OSINT analysts do, but for malicious purposes. They instead gather intelligence to enact cyber attacks, such as:

Key takeaways

  • Check icon
    Open source intelligence is available from publicly accessible materials - both online and offline.
  • Check icon
    Information security teams use OSINT to discover public-facing internal assets and to identify external information about an organization.
  • Check icon
    Cyber criminals can use OSINT tools and techniques to carry out cyber attacks.
  • Check icon
  • Check icon
Reviewed by
No items found.
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.
Abstract shapeAbstract shape

More from our blog

Learn more about the latest issues in cybersecurity.
Deliver icon

Sign up to our newsletter

Get the latest curated cybersecurity news, breaches, events and updates in your inbox every week.
Abstract shapeAbstract shape
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan ratingAbstract shape