Open-source intelligence

This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages) The examples and perspective in this article deal primarily with the United States and do not represent a worldwide view of the subject. You may improve this article, discuss the issue on the talk page, or create a new article, as appropriate. (December 2010) (Learn how and when to remove this message) This article needs to be updated. Please help update this article to reflect recent events or newly available information. (April 2017) This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Open-source intelligence" – news · newspapers · books · scholar · JSTOR (October 2024) (Learn how and when to remove this message) (Learn how and when to remove this message)

Part of a series on
Intelligence
Phases of Intelligence
Intelligence cycle Intelligence cycle management Espionage Intelligence assessment Intelligence analysis Intelligence collection plan
Framework
Intelligence law History of espionage Intelligence failure Blowback (intelligence) Intelligence studies Intelligence sharing Intelligence requirement Total Espionage doctrine Agent handling Recruitment of spies Clandestine HUMINT operational techniques Code name Treason
Areas of Intelligence
Raw intelligence All-source intelligence Counterintelligence I.S.R. Military intelligence Clandestine human intelligence Human intelligence (intelligence gathering) Technical intelligence Cyber threat intelligence Medical intelligence Signals intelligence Open-source intelligence Imagery intelligence Acoustical intelligence Geospatial intelligence Intelligence outsourcing Basic intelligence Strategic intelligence Criminal intelligence Measurement and signature intelligence Communications intelligence Electronic intelligence Foreign instrumentation signals intelligence Telemetry intelligence Air intelligence Naval intelligence Cyber espionage Nuclear espionage Sexpionage Tradecraft
Corporate sector
Industrial espionage Marketing intelligence Market intelligence Business intelligence Commercial intelligence
People
Intelligence officer Asset (intelligence) Intelligence community Intelligence agency Private intelligence agency Cover (intelligence gathering) Foreign Intelligence Service Military attaché Mole (espionage) Cutout (espionage) Sleeper agent Atomic spies Resident spy Espionage organizations
Culture
Intelligence literature Spy fiction Spy film
v t e

Open-source intelligence (OSINT) refers to the systematic collection, evaluation, and analysis of publicly available information from open sources to produce actionable intelligence. These sources include, but are not limited to, traditional media (newspapers, radio, television), government publications, academic research, commercial databases, public websites, social media platforms, geospatial data, and technical infrastructure information.

OSINT is employed across a wide range of sectors including national security, law enforcement, corporate intelligence, journalism, cybersecurity, humanitarian aid, and academic research. It supports decision-making by providing timely, relevant, and verified insights derived from legally accessible and non-classified materials.

Unlike other forms of intelligence such as human intelligence (HUMINT), signals intelligence (SIGINT), or imagery intelligence (IMINT), OSINT does not rely on covert or classified means of collection. Instead, it leverages information that is freely accessible to the public, often through digital channels, though physical documents and broadcasts also remain valid sources.

OSINT sources can be divided up into six different categories of information flow:^[1]

• Media: print newspapers, magazines, radio, and television from across and between countries.
• Internet: online publications, blogs, discussion groups, citizen media (i.e. – cell phone videos, and user created content), YouTube, and other social media websites (i.e. – Facebook, Twitter, Instagram, etc.). This source also outpaces a variety of other sources due to its timeliness and ease of access.
• Public government data: public government reports, budgets, hearings, telephone directories, press conferences, websites, and speeches. Although this source comes from an official source they are publicly accessible and may be used openly and freely.
• Professional and academic publications: information acquired from journals, conferences, symposia, academic papers, dissertations, and theses.
• Commercial data: commercial imagery, financial and industrial assessments, and databases.
• Grey literature: technical reports, preprints, patents, working papers, business documents, unpublished works, and newsletters.

OSINT is distinguished from research in that it applies the process of intelligence to create tailored knowledge supportive of a specific decision by a specific individual or group.^[2]

Collecting open-source intelligence is achieved in a variety of different ways,^[3] such as:

• Social Media Intelligence, which is acquired from viewing or observing a subject's online social profile activity.
• Search engine data mining or scraping.
• Public records checking.
• Information matching and verification from data broker services.

OSINT, broadly defined, involves gathering and analyzing publicly accessible information to produce actionable insights.^[4]

The U.S. Department of Homeland Security defines OSINT as intelligence derived from publicly available information, collected and disseminated promptly to address specific intelligence needs.^[5]

NATO describes OSINT as intelligence obtained from publicly available information and other unclassified data with limited public distribution or access.^[6]

The European Union defines OSINT as the collecting and analyzing information from open sources to generate actionable intelligence, supporting areas like national security, law enforcement, and business intelligence.^[7]

The United Nations has also recognized OSINT’s potential, noting its value in monitoring member states’ compliance with international regulations across various sectors, including public health and human rights.^[8]

In the private sector, companies like IBM define OSINT as the process of gathering and analyzing publicly available information to assess threats, inform decisions, or answer specific questions. Similarly, cybersecurity firms such as CrowdStrike describe OSINT as the act of collecting and analyzing publicly available data for intelligence purposes.^[9]

OSINT practices have been documented as early as the mid-19th century in the United States and early 20th century in the United Kingdom.^[10]

OSINT in the United States traces its origins to the 1941 creation of the Foreign Broadcast Monitoring Service (FBMS), an agency responsible for the monitoring of foreign broadcasts. An example of their work was the correlation of changes in the price of oranges in Paris with successful bombings of railway bridges during World War II.^[11]

The Aspin-Brown Commission stated in 1996 that US access to open sources was "severely deficient" and that this should be a "top priority" for both funding and DCI attention.^[12]

In July 2004, following the September 11 attacks, the 9/11 Commission recommended the creation of an open-source intelligence agency.^[13] In March 2005, the Iraq Intelligence Commission recommended^[14] the creation of an open-source directorate at the CIA.

Following these recommendations, in November 2005 the Director of National Intelligence announced the creation of the DNI Open Source Center. The Center was established to collect information available from "the Internet, databases, press, radio, television, video, geospatial data, photos and commercial imagery."^[15] In addition to collecting openly available information, it would train analysts to make better use of this information. The center absorbed the CIA's previously existing Foreign Broadcast Information Service (FBIS), originally established in 1941, with FBIS head Douglas Naquin named as director of the center.^[16] Then, following the events of 9/11 the Intelligence Reform and Terrorism Prevention Act merged FBIS and other research elements into the Office of the Director of National Intelligence creating the Open Source Enterprise.

Furthermore, the private sector has invested in tools which aid in OSINT collection and analysis. Specifically, In-Q-Tel, a Central Intelligence Agency supported venture capital firm in Arlington, VA assisted companies develop web-monitoring and predictive analysis tools.

In December 2005, the Director of National Intelligence appointed Eliot A. Jardines as the Assistant Deputy Director of National Intelligence for Open Source to serve as the Intelligence Community's senior intelligence officer for open source and to provide strategy, guidance and oversight for the National Open Source Enterprise.^[17] Mr. Jardines has established the National Open Source Enterprise^[18] and authored intelligence community directive 301. In 2008, Mr. Jardines returned to the private sector and was succeeded by Dan Butler who is ADDNI/OS^[19] and previously Mr. Jardines' Senior Advisor for Policy.^[20]

Open-source intelligence (OSINT) relies on a wide range of tools and platforms to collect, analyze, and validate publicly available information. These tools vary from general-purpose web browsers to specialized software and frameworks designed specifically for open-source investigations.

The web browser serves as a foundational tool in OSINT workflows, granting access to vast amounts of publicly available data across websites, forums, blogs, and databases. It also enables the use of both open-source and proprietary software tools—either purpose-built for OSINT or adaptable for intelligence-gathering purposes.

A number of dedicated tools and platforms have been developed to streamline the process of gathering and analyzing open-source information. These include:

• Maltego : A data visualization tool used for link analysis and reconnaissance.
• Shodan : A search engine for internet-connected devices, often used in cybersecurity research.
• TheHarvester : A tool used for e-mail harvesting and subdomain enumeration.
• FOCA (Fingerprinting Organizations with Collected Archives) : Used to extract metadata and find hidden information in documents.
• Recon-ng : A full-featured web reconnaissance framework written in Python.

The OSINT Framework , an open-source project maintained on GitHub, provides a categorized directory of over 30 major types of OSINT tools, covering areas such as social media investigation, geolocation, domain analysis, and more.[3]

Given the evolving nature of digital platforms and online tools, continuous learning is essential for effective OSINT practice. Numerous educational organizations, investigative groups, and training institutions offer resources to support skill development in this field. Notable contributors include:

• Bellingcat : An independent collective known for its open-source investigative journalism.
• SANS Institute : Offers courses and certifications focused on cybersecurity and digital forensics, including OSINT-related topics.
• IntelTechniques : Provides training materials and tools for journalists, law enforcement, and researchers.

Books such as Open Source Intelligence Techniques by Michael Bazzell serve as practical guides to navigating the digital landscape, offering curated lists of tools and techniques across multiple domains. However, due to the rapid pace of change in the online environment, the author emphasizes the importance of ongoing study, training, and adaptation to maintain relevance and effectiveness in OSINT operations.[1]

As OSINT practitioners often conduct sensitive or public investigations, maintaining personal safety and operational security is critical. Analysts may employ various tools to protect their identity and digital footprint. Ryan Fedasiuk, an analyst at the Center for Security and Emerging Technology, recommends several OPSEC best practices and tools, including:

• Virtual Private Networks (VPNs)
• Cached webpage services (e.g., Google Cache, Wayback Machine)
• Digital archive services
• URL and file scanners (e.g., VirusTotal)
• Browser sandbox applications
• Antivirus software

These tools help reduce exposure to potential threats when conducting online investigations, especially when researching adversarial or high-risk subjects.[2]

In institutional settings, OSINT is often integrated into broader command and control systems. For example, CPCE (Command Post Communications Environment) by Systematic incorporates open-source feeds such as those provided by Jane’s Information Services , enabling real-time intelligence integration into military and defense operations.

One of the primary challenges in open-source intelligence (OSINT) is the sheer volume of publicly available information, often referred to as the "information explosion." The exponential growth of digital content across news platforms, social media, forums, blogs, and official publications presents significant difficulties for analysts attempting to identify, verify, and contextualize relevant data.

The rapid pace at which new information is generated often outstrips the capacity of analysts to process and evaluate it effectively. This can lead to difficulties in distinguishing reliable sources from misinformation or disinformation, and in prioritizing intelligence that is both timely and actionable.

To mitigate these challenges, some organizations have explored the use of automated tools, machine learning algorithms, and crowdsourcing techniques. While large-scale automation remains a developing field, limited efforts involving amateur or citizen analysts have occasionally contributed to the filtering and categorization of open-source data—though such methods are generally considered supplementary rather than definitive.

While OSINT involves only legally accessible, publicly available information, the distinction between lawful research and illegal activity becomes critical when individuals or entities misuse open-source practices.

In most jurisdictions, the unauthorized collection and transmission of sensitive information to a foreign government or intelligence agency—even if obtained from public sources—can constitute espionage , particularly if it involves strategic, military, or national security-related data. Espionage of this nature, distinct from treason (which typically involves betrayal of one’s own state), has historically been employed by states as a tool of diplomacy, warfare, and influence.

It is important to note that while OSINT itself is a legitimate and transparent discipline, its misuse—particularly when combined with covert intent or malicious purpose—can cross into legally and ethically prohibited territory. Therefore, responsible OSINT practitioners emphasize adherence to legal standards, ethical guidelines, and operational security best practices.

As open-source intelligence (OSINT) has grown in prominence across government, military, corporate, and journalistic sectors, a number of professional associations and certification programs have emerged to support practitioners, standardize methodologies, and promote ethical conduct.

The OSINT Foundation is a U.S.-based professional association dedicated to advancing the practice of open-source intelligence within the U.S. Intelligence Community and beyond. Open exclusively to U.S. citizens, the organization aims to elevate the visibility and professionalism of OSINT as a formal intelligence discipline. It serves as a platform for knowledge sharing, networking, and advocacy among current and aspiring OSINT practitioners.

OSMOSIS , an offshoot of the Hetherington Group—a private investigation and corporate intelligence firm—offers training programs and conferences that lead to the Open-Source Certified (OSC) designation. The OSC program was developed to help formalize and standardize professional OSINT practices.

According to the program’s guidelines, candidates must fulfill specific prerequisites and pass a 100-question examination to demonstrate proficiency in open-source research and analysis. The certification emphasizes legal compliance, ethical behavior, and technical competence in gathering and interpreting publicly available information.

IntelTechniques , a provider of investigative and OSINT training, offers the Open Source Intelligence Professional (OSIP) certification. The program is designed to test participants' ability to produce actionable intelligence using real-world scenarios and standardized evaluation criteria.

In addition to structured courses, IntelTechniques fosters a moderated online community where professionals can exchange insights on best practices, tools, and methodologies. While the OSIP certification is optional, participation in the training itself helps individuals develop and refine their OSINT skills for use in law enforcement, journalism, cybersecurity, and corporate investigations.

Beyond formal certifications, several organizations offer specialized OSINT training and platforms for professional development:

• Bellingcat , an independent collective known for its open-source investigative journalism, provides public training sessions and resources for journalists, researchers, and activists.
• Independent educators and trainers also contribute to the field through blogs, podcasts, YouTube channels, and social media communities focused on OSINT tradecraft.

These informal and semi-formal learning environments play a vital role in expanding access to OSINT education and fostering global collaboration among practitioners.

• WashTimes.com, Washington Times – CIA mines 'rich' content from blogs, 19 April 2006
• GCN.com, Government Computer News – Intelligence units mine the benefits of public sources 20 March 2006
• FindAcricles.com, Military Intelligence Professional Bulletin October–December, 2005 by Barbara G. Fast
• FAS.org, Congressional Testimony on OSINT and Homeland Security 21 June 2005
• Forbes.com, When Everyone Can Mine Your Data by Taylor Buley, 11.21.08]
• Thompson, Clive (2006-12-03). "Open-Source Spying". The New York Times. Retrieved 2018-05-29.
• "Open Source Intelligence (OSINT)". RIS Open Source Intelligence. 2018-05-29. Retrieved 2018-05-29.
• "The Intelligence Network : I n t r o d u c t i o n". intellnet.org. 2008-05-09. Archived from the original on 2008-05-09. Retrieved 2018-05-29.

• United Nations Office of the High Commissioner for Human Rights; University of California, Berkeley Human Rights Center (2022). Berkeley Protocol on Digital Open Source Investigations A Practical Guide on the Effective Use of Digital Open Source Information in Investigating Violations of International Criminal, Human Rights and Humanitarian Law (PDF). New York, Geneva: UN Office of the High Commissioner for Human Rights; Human Rights Center, UC Berkeley School of Law. ISBN 978-92-1-154233-2. OCLC 1334608062.

• Deneuville, A., Hernández López, G. & Rasmi, J. (Eds.) 'Contre-enquêtes en sources ouvertes'. Multitudes, 89, 2022.
• Arthur S. Hulnick: 'The Dilemma of Open Source Intelligence: Is OSINT Really Intelligence?', pages 229–241, The Oxford Handbook of National Security Intelligence, 2010
• Cody Burke: 'Freeing knowledge, telling secrets: Open source intelligence and development', Bond University, May 2007 Archived 2016-08-17 at the Wayback Machine
• Florian Schaurer, Jan Störger: 'The Evolution of Open Source Intelligence', OSINT Report 3/2010, ISN, ETH Zürich, October 2010
• Hassan, Nihad A. (30 June 2018). Open source intelligence methods and tools : a practical guide to online intelligence. Hijazi, Rami. [United States]. ISBN 978-1-4842-3213-2. OCLC 1043830928.{{cite book}}: CS1 maint: location missing publisher (link)

• The Open Source Intelligence Resource Discovery Toolkit
• The New Craft of Intelligence: Making the Most of Open Private Sector Knowledge
• Actual Intelligence Case Studies Leveraging Open Source Intelligence (OSINT)
• Sailing the Sea of OSINT in the Information Age
• Open Source Intelligence (OSINT): Issues for Congress, Congressional Research Service, December 5, 2007
• Open Source Intelligence (OSINT): Issues for Congress, Congressional Research Service, January 28, 2008
• The Free Library, FMSO-JRIC and Open Source Intelligence: speaking prose in a world of verse, Military Intelligence Professional Bulletin, Oct–Dec, 2005 by Jacob W. Kipp