…and how it all gets together
Open Source Intelligence (OSINT) is a collaborative, integrated research/production METHODOLOGY to CREATE an actionable intelligence product (called OSINT report) resulting from analysis of a representative selection of open source information (OSINF) in order to meet some intelligence requirement that is used to take decisions and start some change.
Open Source Information (OSINF) is information that can be COLLECTED from the public domain by anyone in a legal and ethically acceptable way, and that meets quality requirements such as authenticity, reliability, accuracy, time etc, regardless source, format or time, whether for free or commercial, and is being used to be analysed, probably in conjunctions with other sources, to become OSINT.
Information is any piece or document that serves the purpose of deriving information from, or is assigned that purpose. Thus, anything can be OSINF as long as the object is used to derive information from, like digital info, books, newspapers, audio/video, oral history, taxi drivers, porters, phone logs or archeological findings are all considered information that can be collected, indexed, catalogued, described, categorized and used for analyse, again after applying quality criteria.
Intelligence is analysed information that interprets, explains, predicts, clarifies, connects, judges, opinionates, categorizes, qualifies OSINF in order to support decision makers in making decisions and implementing change. Intelligence is by definition never collected, but created. An intelligence report produced by service P and send to Q is for the sender P intelligence, but for the recipient Q it is information, not intelligence, until Q has analysed the report, then it becomes intelligence again.
Legal and ethical restrictions mean, in short, that OSINF is only OSINF if the information was obtained in a legal way and that the information was intentionally published in the public domain. Hacking, cracking, password sniffing, stealing, data leaks etc. are therefor not considered OSINF and thus not eligable for OSINT. Wikileaks is thus not OSINF since that information was never intended to be in the public domain.
Conclusion. OSINT is thus very much more than just the world wide web (WWW) or social media. OSINT also deals with the other 98% of open source information that is NOT on the WWW or social media or even on the Internet. The W3 is only a fraction (less then 2%) of the surface web.
There is a wide variety of OSINT definitions. Mainly because there is many different requirements or backgrounds. Obvciously, an OSINT definition for a stratetic intel service is different then that of a law enforcement agency. In addition, there is different levels of OSINT, typically there are five classes with varying complexity.
One never collects or gathers OSINT. One CREATES OSINT. Also, there is no such thing as OSINT tools. All ‘tools’ are by assumption open source. OSINT is a methodology, a process, not an object. Almost all tools available today in the digital world, whether free or fee-based, can be used to collect OSINF in one way or the other. Using the phrase OSINT as an adjective does not mean something specific and does not make the tool more special or something.
Want to read more about OSINT or how to design your OSINT production capability? See the OSINT Bibliography I compiled over the years at htttp://bib.opensourceintelligence.biz
Want to learn more about OSINT training? Try http://www.opensourceintelligence.biz
#OSINT #OSINTtraining