What is OSINT? Fundamentals of Open-Source Intelligence
OSINT stands for open-source intelligence – gaining insight from publicly available sources. Unlike covert methods, it relies solely on information that is freely accessible: websites, social networks, registries, maps, images, documents or forums.
Where does the data come from?
Public sources are more varied than many assume. Typical categories include:
- Social media – profiles, posts, connections and metadata.
- Registries & databases – company, association or land registries and specialist portals.
- Geodata – maps, satellite and street imagery for geolocation.
- Media & archives – press, blogs, cached pages.
- Technical traces – domains, certificates, publicly reachable services.
Why methodology matters
The difference between merely „googling" and professional OSINT lies in the systematic approach. Every finding needs a traceable source, a timestamp and – ideally – a second, independent confirmation. Only then does an investigation remain sound and verifiable later in the report.
A piece of information without a documented source is worthless when it counts.
Legal and ethical framework
Publicly accessible does not automatically mean „free to use for anything". Data protection, purpose limitation and proportionality set limits. Anyone doing OSINT professionally clarifies the legal framework in advance and documents why which data was collected.
In the following articles we take a closer look at the structured investigation cycle and at operational security (OPSEC).