Open source intelligence (OSINT) is a data gathering and collation technique that focuses on publicly accessible sources. Common sources include, but not limited to, social media platforms, published content, company websites, forums, and also the dark web, with an end goal to find any information that could pose a risk to an organization.
The gathered data is then combined, normalized, structured, and further analyzed to test the target organization’s operational security. In simpler terms, the data is harvested, enriched, and reported to collectively study the scope of attacks the organization can fall victim to. OSINT can be a part of red team engagements or advanced external network penetration tests.